Source: nvidia-cuda-toolkit Version: 4.0.13-1 Severity: important Tags: security
https://nvidia.custhelp.com/app/answers/detail/a_id/5456 CVE-2023-25512 NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in cuobjdump, where an attacker may cause an out-of-bounds memory read by running cuobjdump on a malformed input file. A successful exploit of this vulnerability may lead to limited denial of service, code execution, and limited information disclosure. CVE-2023-25513 NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in cuobjdump, where an attacker may cause an out-of-bounds read by tricking a user into running cuobjdump on a malformed input file. A successful exploit of this vulnerability may lead to limited denial of service, code execution, and limited information disclosure. CVE-2023-25514 NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in cuobjdump, where an attacker may cause an out-of-bounds read by tricking a user into running cuobjdump on a malformed input file. A successful exploit of this vulnerability may lead to limited denial of service, code execution, and limited information disclosure. CVE-2023-25510 NVIDIA CUDA Toolkit SDK for Linux and Windows contains a NULL pointer dereference in cuobjdump, where a local user running the tool against a malformed binary may cause a limited denial of service. CVE-2023-25511 NVIDIA CUDA Toolkit for Linux and Windows contains a vulnerability in cuobjdump, where a division-by-zero error may enable a user to cause a crash, which may lead to a limited denial of service. CVEs Addressed Affected Versions Updated Version CVE-2023-25510 CVE-2023-25511 CVE-2023-25514 All versions prior to 12.1 Update 1 12.1 Update 1 CVE-2023-25512 All versions prior to 12.1 12.1 CVE-2023-25513 All versions prior to 12.0 Update 1 12.0 Update 1 Andreas