Vulnerability Description
NVIDIA CUDA Toolkit SDK contains an integer overflow vulnerability in cuobjdump.To exploit this vulnerability, a remote attacker would require a local user to download a specially crafted, corrupted file and locally execute cuobjdump against the file. Such an attack may lead to remote code execution that causes complete denial of service and an impact on data confidentiality and integrity.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Nvidia | Cuda Toolkit | < 11.6.2 |
| Linux | Linux Kernel | - |
| Microsoft | Windows | - |
Related Weaknesses (CWE)
References
- https://nvidia.custhelp.com/app/answers/detail/a_id/5334MitigationVendor Advisory
- https://nvidia.custhelp.com/app/answers/detail/a_id/5334MitigationVendor Advisory
FAQ
What is CVE-2022-21821?
CVE-2022-21821 is a vulnerability with a CVSS score of 7.8 (HIGH). NVIDIA CUDA Toolkit SDK contains an integer overflow vulnerability in cuobjdump.To exploit this vulnerability, a remote attacker would require a local user to download a specially crafted, corrupted f...
How severe is CVE-2022-21821?
CVE-2022-21821 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-21821?
Check the references section above for vendor advisories and patch information. Affected products include: Nvidia Cuda Toolkit, Linux Linux Kernel, Microsoft Windows.