CVE-2023-25523

Public on 2023-07-04
Modified on 2024-06-21
Description
NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in the nvdisasm binary file, where an attacker may cause a NULL pointer dereference by providing a user with a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of service.
Severity
Low severity
Low
CVSS v3 Base Score
3.3
See breakdown

Affected Packages

Platform Package Release Date Advisory Status
Amazon Linux 1 cuda Pending Fix
Amazon Linux 2 - Graphics Extra cuda Pending Fix

CVSS Scores

Score Type Score Vector
Amazon Linux CVSSv3 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
NVD CVSSv3 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L