CVE-2022-34667 MEDIUM

CVE-2022-34667

Vendor Nvidia
Product NVIDIA CUDA Toolkit
Weakness CWE-121
Published November 18, 2022
Last update April 25, 2025

CVSS base score

4.4/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L

What the vulnerability does

01Description

NVIDIA CUDA Toolkit SDK contains a stack-based buffer overflow vulnerability in cuobjdump, where an unprivileged remote attacker could exploit this buffer overflow condition by persuading a local user to download a specially crafted corrupted file and execute cuobjdump against it locally, which may lead to a limited denial of service and some loss of data integrity for the local user.

Key dates

02Disclosure timeline

November 18, 2022 CVE published
April 25, 2025 Record updated

Related vulnerabilities

04Related CVE