CVE Vulnerabilities

CVE-2023-25523

NULL Pointer Dereference

Published: Jul 04, 2023 | Modified: Nov 21, 2024
CVSS 3.x
3.3
LOW
Source:
NVD
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu
MEDIUM

NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in the nvdisasm binary file, where an attacker may cause a NULL pointer dereference by providing a user with a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of service.

Weakness

A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.

Affected Software

Name Vendor Start Version End Version
Cuda_toolkit Nvidia * 12.2 (excluding)
Nvidia-cuda-toolkit Ubuntu bionic *
Nvidia-cuda-toolkit Ubuntu kinetic *
Nvidia-cuda-toolkit Ubuntu lunar *
Nvidia-cuda-toolkit Ubuntu mantic *
Nvidia-cuda-toolkit Ubuntu trusty *
Nvidia-cuda-toolkit Ubuntu xenial *

Potential Mitigations

References