CVE-2024-0125

CVSS 3.1 Score 3.3 of 10 (low)

Details

Published Oct 3, 2024
Updated: Oct 4, 2024
CWE ID 476

Summary

CVE-2024-0125 affects the NVIDIA CUDA Toolkit for both Windows and Linux, specifically the nvdisasm command line tool. This vulnerability allows a user to trigger a NULL pointer dereference by executing nvdisasm on a malformed ELF file, potentially leading to a limited denial of service. The exploitability score is rated at 1.8, with a base severity classified as low, indicating that no special privileges are required for exploitation and user interaction is necessary. Remediation involves ensuring that users avoid processing malformed ELF files with nvdisasm to mitigate the risk. Organizations should be aware of this vulnerability as it poses a minimal threat but could still disrupt services if exploited locally.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share