Bug#1008695: nvidia-cuda-toolkit: CVE-2022-21821
Andreas Beckmann
anbe at debian.org
Wed Mar 30 20:35:16 BST 2022
Package: nvidia-cuda-toolkit
Version: 4.0.13-1
Severity: serious
Tags: security
https://nvidia.custhelp.com/app/answers/detail/a_id/5334
CVE-2022-21821 NVIDIA CUDA Toolkit SDK contains an integer overflow
vulnerability in cuobjdump.To exploit this vulnerability, a remote attacker
would require a local user to download a specially crafted, corrupted file
and locally execute cuobjdump against the file. Such an attack may lead to
remote code execution that causes complete denial of service and an impact
on data confidentiality and integrity.
Affected Versions
All versions prior to CUDA Toolkit 11.6 Update 2
Andreas
More information about the pkg-nvidia-devel
mailing list