Bug#1104137: nvidia-cuda-toolkit: CVE-2024-53870 CVE-2024-53871 CVE-2024-53872 CVE-2024-53874 CVE-2024-53875 CVE-2024-53876 CVE-2024-53877 CVE-2024-53878 CVE-2024-53879
Andreas Beckmann
anbe at debian.org
Fri Apr 25 22:20:30 BST 2025
Source: nvidia-cuda-toolkit
Version: 4.0.13-1
Severity: important
Tags: security upstream
X-Debbugs-Cc: Debian Security Team <team at security.debian.org>
https://nvidia.custhelp.com/app/answers/detail/a_id/5594
CVE-2024-53870 NVIDIA CUDA toolkit for all platforms contains a
vulnerability in the cuobjdump binary, where a user could cause an
out-of-bounds read by passing a malformed ELF file to cuobjdump. A
successful exploit of this vulnerability might lead to a partial denial
of service.
CVE-2024-53871 NVIDIA CUDA toolkit for all platforms contains a
vulnerability in the nvdisasm binary, where a user could cause an
out-of-bounds read by passing a malformed ELF file to nvdisasm. A
successful exploit of this vulnerability might lead to a partial denial
of service.
CVE-2024-53872 NVIDIA CUDA toolkit for all platforms contains a
vulnerability in the cuobjdump binary, where a user could cause an
out-of-bounds read by passing a malformed ELF file to cuobjdump. A
successful exploit of this vulnerability might lead to a partial denial
of service.
CVE-2024-53874 NVIDIA CUDA toolkit for all platforms contains a
vulnerability in the cuobjdump binary, where a user could cause an
out-of-bounds read by passing a malformed ELF file to cuobjdump. A
successful exploit of this vulnerability might lead to a partial denial
of service.
CVE-2024-53875 NVIDIA CUDA toolkit for all platforms contains a
vulnerability in the cuobjdump binary, where a user could cause an
out-of-bounds read by passing a malformed ELF file to cuobjdump. A
successful exploit of this vulnerability might lead to a partial denial
of service.
CVE-2024-53876 NVIDIA CUDA toolkit for all platforms contains a
vulnerability in the nvdisasm binary, where a user could cause an
out-of-bounds read by passing a malformed ELF file to nvdisasm. A
successful exploit of this vulnerability might lead to a partial denial
of service.
CVE-2024-53877 NVIDIA CUDA toolkit for all platforms contains a
vulnerability in the nvdisasm binary, where a user could cause a NULL
pointer exception by passing a malformed ELF file to nvdisasm. A
successful exploit of this vulnerability might lead to a partial denial
of service.
CVE-2024-53878 NVIDIA CUDA toolkit for Linux and Windows contains a
vulnerability in the cuobjdump binary, where a user could cause a crash
by passing a malformed ELF file to cuobjdump. A successful exploit of
this vulnerability might lead to a partial denial of service.
CVE-2024-53879 NVIDIA CUDA toolkit for Linux and Windows contains a
vulnerability in the cuobjdump binary, where a user could cause a crash
by passing a malformed ELF file to cuobjdump. A successful exploit of
this vulnerability might lead to a partial denial of service.
CVE IDs Addressed Affected Products Platform or OS Affected Versions Updated Version
CVE-2024-53870 NVIDIA CUDA Toolkit Windows, Linux All versions up to CUDA Toolkit 12.8 CUDA Toolkit 12.8
CVE-2024-53871
CVE-2024-53872
CVE-2024-53873
CVE-2024-53874
CVE-2024-53875
CVE-2024-53876
CVE-2024-53877
CVE-2024-53878
CVE-2024-53879
Andreas
More information about the pkg-nvidia-devel
mailing list