Source: nvidia-cuda-toolkit Version: 4.0.13-1 Severity: important Tags: security upstream X-Debbugs-Cc: Debian Security Team <[email protected]>
https://nvidia.custhelp.com/app/answers/detail/a_id/5594 CVE-2024-53870 NVIDIA CUDA toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service. CVE-2024-53871 NVIDIA CUDA toolkit for all platforms contains a vulnerability in the nvdisasm binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability might lead to a partial denial of service. CVE-2024-53872 NVIDIA CUDA toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service. CVE-2024-53874 NVIDIA CUDA toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service. CVE-2024-53875 NVIDIA CUDA toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service. CVE-2024-53876 NVIDIA CUDA toolkit for all platforms contains a vulnerability in the nvdisasm binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability might lead to a partial denial of service. CVE-2024-53877 NVIDIA CUDA toolkit for all platforms contains a vulnerability in the nvdisasm binary, where a user could cause a NULL pointer exception by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability might lead to a partial denial of service. CVE-2024-53878 NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in the cuobjdump binary, where a user could cause a crash by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service. CVE-2024-53879 NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in the cuobjdump binary, where a user could cause a crash by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service. CVE IDs Addressed Affected Products Platform or OS Affected Versions Updated Version CVE-2024-53870 NVIDIA CUDA Toolkit Windows, Linux All versions up to CUDA Toolkit 12.8 CUDA Toolkit 12.8 CVE-2024-53871 CVE-2024-53872 CVE-2024-53873 CVE-2024-53874 CVE-2024-53875 CVE-2024-53876 CVE-2024-53877 CVE-2024-53878 CVE-2024-53879 Andreas

