CVE-2023-25510

NVD

https://nvd.nist.gov/vuln/detail/CVE-2023-25510

CWE

https://cwe.mitre.org/data/definitions/476.html

NVIDIA CUDA Toolkit SDK for Linux and Windows contains a NULL pointer dereference in cuobjdump, where a local user running the tool against a malformed binary may cause a limited denial of service.

Weakness

The product dereferences a pointer that it expects to be valid but is NULL.

Affected Software

Name	Vendor	Start Version	End Version
Cuda_toolkit	Nvidia	*	12.1.1 (excluding)
Nvidia-cuda-toolkit	Ubuntu	bionic	*
Nvidia-cuda-toolkit	Ubuntu	focal	*
Nvidia-cuda-toolkit	Ubuntu	kinetic	*
Nvidia-cuda-toolkit	Ubuntu	lunar	*
Nvidia-cuda-toolkit	Ubuntu	mantic	*
Nvidia-cuda-toolkit	Ubuntu	oracular	*
Nvidia-cuda-toolkit	Ubuntu	plucky	*
Nvidia-cuda-toolkit	Ubuntu	trusty	*
Nvidia-cuda-toolkit	Ubuntu	xenial	*

Potential Mitigations

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5456
https://nvidia.custhelp.com/app/answers/detail/a_id/5456

NULL Pointer Dereference

Weakness

Affected Software

Potential Mitigations

References