ALASNVIDIA-2025-056

Amazon Linux 2023 Security Advisory: ALASNVIDIA-2025-056
Advisory Released Date: 2025-04-16
Advisory Updated Date: 2025-04-16
Severity: Low
Issue Overview:

NVIDIA CUDA toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service. (CVE-2024-53870)

NVIDIA CUDA toolkit for all platforms contains a vulnerability in the nvdisasm binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability might lead to a partial denial of service. (CVE-2024-53871)

NVIDIA CUDA toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service. (CVE-2024-53875)


Affected Packages:

nsight-compute-2025.1.0


Issue Correction:
Run dnf update nsight-compute-2025.1.0 --releasever 2023.6.20250331 to update your system.

New Packages:
x86_64:
    nsight-compute-2025.1.0-2025.1.0.14-1.x86_64

Additional References

Release Notes:  Amazon Linux 2023 Release Notes

Red Hat: CVE-2024-53870, CVE-2024-53871, CVE-2024-53875

Mitre: CVE-2024-53870, CVE-2024-53871, CVE-2024-53875