Detections
Analytics
NVIDIA CUDA Toolkit < 12.4.1 Multiple Vulnerabilities
low Nessus Plugin ID 193145
Language:
Synopsis
The version of NVIDIA CUDA Toolkit installed on the remote host is affected by multiple vulnerabilities.Description
The version of NVIDIA CUDA Toolkit installed on the remote host is prior to 12.4.1. It is, therefore affected by multiple vulnerabilities.- NVIDIA CUDA toolkit for all platforms contains a vulnerability in cuobjdump and nvdisasm where an attacker may cause a crash by tricking a user into reading a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of service. (CVE-2024-0072)
- NVIDIA CUDA toolkit for all platforms contains a vulnerability in cuobjdump and nvdisasm where an attacker may cause a crash by tricking a user into reading a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of service. (CVE-2024-0076)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Upgrade to NVIDIA CUDA Toolkit 12.4.1 or later.See Also
Plugin Details
Severity: Low
ID: 193145
File Name: nvidia_cuda_toolkit_12_4_1.nasl
Version: 1.3
Type: local
Agent: windows
Family: Misc.
Published: 4/10/2024
Updated: 7/19/2024
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Low
Score: 1.4
CVSS v2
Risk Factor: Low
Base Score: 2.1
Temporal Score: 1.6
Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P
CVSS Score Source: CVE-2024-0072
CVSS v3
Risk Factor: Low
Base Score: 3.3
Temporal Score: 2.9
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
CVSS Score Source: CVE-2024-0076
Vulnerability Information
CPE: cpe:/a:nvidia:cuda_toolkit
Required KB Items: installed_sw/NVIDIA CUDA Toolkit
Exploit Ease: No known exploits are available
Patch Publication Date: 4/3/2024
Vulnerability Publication Date: 4/3/2024
Reference Information
CVE: CVE-2024-0072, CVE-2024-0076
IAVB: 2024-B-0036-S