CVE-2024-53872

{"id": "CVE-2024-53872", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@nvidia.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.3, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 1.8}]}, "published": "2025-02-25T21:15:16.240", "references": [{"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5594", "tags": ["Vendor Advisory"], "source": "psirt@nvidia.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "psirt@nvidia.com", "description": [{"lang": "en", "value": "CWE-125"}]}], "descriptions": [{"lang": "en", "value": "NVIDIA CUDA toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service."}, {"lang": "es", "value": "El kit de herramientas NVIDIA CUDA para todas las plataformas contiene una vulnerabilidad en el binario cuobjdump, donde un usuario podr\u00eda provocar una lectura fuera de los l\u00edmites al pasar un archivo ELF mal formado a cuobjdump. Una explotaci\u00f3n exitosa de esta vulnerabilidad podr\u00eda provocar una denegaci\u00f3n parcial del servicio."}], "lastModified": "2025-09-18T17:54:57.290", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:nvidia:cuda_toolkit:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5A19B5E5-CA6E-4744-B72F-E805816FED75", "versionEndExcluding": "12.8.0"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@nvidia.com"}