CVE-2022-21821
HIGHNVIDIA CUDA Toolkit < 11.6.2 - Integer Overflow in cuobjdump
Title source: llmDescription
NVIDIA CUDA Toolkit SDK contains an integer overflow vulnerability in cuobjdump.To exploit this vulnerability, a remote attacker would require a local user to download a specially crafted, corrupted file and locally execute cuobjdump against the file. Such an attack may lead to remote code execution that causes complete denial of service and an impact on data confidentiality and integrity.
References (1)
Core 1
Core References
Mitigation, Vendor Advisory x_refsource_misc
https://nvidia.custhelp.com/app/answers/detail/a_id/5334
Scores
CVSS v3
7.8
EPSS
0.0201
EPSS Percentile
78.3%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-190
CWE-1285
Status
published
Products (1)
nvidia/cuda_toolkit
< 11.6.2
Published
Mar 29, 2022
Tracked Since
Feb 18, 2026