CVE-2024-0123

NVIDIA CUDA toolkit for Windows and Linux contains a vulnerability in the nvdisasm command line tool where an attacker may cause an improper validation in input issue by tricking the user into running nvdisasm on a malicious ELF file. A successful exploit of this vulnerability may lead to denial of service.

CVSS v3 3.3 LOW

3.3^/10

CVSS v3 : LOW

Vector :

Exploitability : 1.8 / Impact : 1.4

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://nvidia.custhelp.com/app/answers/detail/a_id/5577	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:a:nvidia:cuda_toolkit:*:*:*:*:*:*:*:*

OR	cpe:2.3:o:linux:linux_kernel:-:::::::*
	cpe:2.3:o:microsoft:windows:-:::::::*

History

18 Sep 2025, 18:10

Type	Values Removed	Values Added
CPE	cpe:2.3:a:nvidia:cuda_toolkit:12.6.0:update1:::::: cpe:2.3:a:nvidia:cuda_toolkit:12.6.0:-::::::

18 Sep 2025, 17:56

Type	Values Removed	Values Added
References	~~() https://nvidia.custhelp.com/app/answers/detail/a_id/5577 -~~	() https://nvidia.custhelp.com/app/answers/detail/a_id/5577 - Vendor Advisory
First Time		Nvidia Linux Nvidia cuda Toolkit Microsoft Microsoft windows Linux linux Kernel
CPE		cpe:2.3:a:nvidia:cuda_toolkit:12.6.0:update1:::::: cpe:2.3:a:nvidia:cuda_toolkit:::::::: cpe:2.3:o:linux:linux_kernel:-:::::::* cpe:2.3:o:microsoft:windows:-:::::::* cpe:2.3:a:nvidia:cuda_toolkit:12.6.0:-::::::

Information

Published : 2024-10-03 17:15

Updated : 2025-09-18 18:10

NVD link : CVE-2024-0123

Mitre link : CVE-2024-0123

CVE.ORG link : CVE-2024-0123

JSON object : View

Products Affected

microsoft

windows

linux

linux_kernel

nvidia

cuda_toolkit

CWE

CWE-1285

Improper Validation of Specified Index, Position, or Offset in Input

{"id": "CVE-2024-0123", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@nvidia.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.3, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 1.8}]}, "published": "2024-10-03T17:15:14.030", "references": [{"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5577", "tags": ["Vendor Advisory"], "source": "psirt@nvidia.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "psirt@nvidia.com", "description": [{"lang": "en", "value": "CWE-1285"}]}], "descriptions": [{"lang": "en", "value": "NVIDIA CUDA toolkit for Windows and Linux contains a vulnerability in the nvdisasm command line tool where an attacker may cause an improper validation in input issue by tricking the user into running nvdisasm on a malicious ELF file. A successful exploit of this vulnerability may lead to denial of service."}, {"lang": "es", "value": "El kit de herramientas NVIDIA CUDA para Windows y Linux contiene una vulnerabilidad en la herramienta de l\u00ednea de comandos nvdisasm, que permite a un atacante provocar una validaci\u00f3n incorrecta en la entrada de datos enga\u00f1ando al usuario para que ejecute nvdisasm en un archivo ELF malicioso. Una explotaci\u00f3n exitosa de esta vulnerabilidad puede provocar una denegaci\u00f3n de servicio."}], "lastModified": "2025-09-18T18:10:58.990", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:nvidia:cuda_toolkit:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "312DD4D2-92F9-491D-AB3C-A6213E662B4F", "versionEndIncluding": "12.6.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"}, {"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@nvidia.com"}