Source: nvidia-cuda-toolkit Version: 4.0.13-1 Severity: important Tags: security upstream X-Debbugs-Cc: Debian Security Team <t...@security.debian.org>
https://nvidia.custhelp.com/app/answers/detail/a_id/5517 CVE-2024-0072 NVIDIA CUDA toolkit for all platforms contains a vulnerability in cuobjdump and nvdisasm where an attacker may cause a crash by tricking a user into reading a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of service. CVE-2024-0076 NVIDIA CUDA toolkit for all platforms contains a vulnerability in cuobjdump and nvdisasm where an attacker may cause a crash by tricking a user into reading a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of service. CVE-2023-31028 NVIDIA nvJPEG2000 Library for Windows and Linux contains a vulnerability where improper input validation might enable an attacker to use a specially crafted input file. A successful exploit of this vulnerability might lead to a partial denial of service. CVE-2024-0080 NVIDIA nvTIFF Library for Windows and Linux contains a vulnerability where improper input validation might enable an attacker to use a specially crafted input file. A successful exploit of this vulnerability might lead to a partial denial of service. CVE IDs Addressed Affected Products Affected Versions Updated Version CVE-2024-0072 CVE-2024-0076 NVIDIA CUDA Toolkit All versions prior to CUDA Toolkit v12.4 CUDA Toolkit v12.4U1 CVE-2023-31028 nvJPEG2000 Library All versions prior to nvJPEG2000 v0.7.x nvJPEG2000 v0.7.x CVE-2024-0080 nvTIFF Library All versions prior to nvTIFF v0.3.0 nvTIFF v0.3.0 nvJPEG2000 and nvTIFF are not part of the CUDA Toolkit and are not packaged in Debian. Andreas