Multiple NVIDIA CUDA Toolkit Vulnerabilities Let Attackers Trigger DoS
- С сайта: Vulnerability(cybersecuritynews.com)
- Вернуться к списку новостей
С сайта: Vulnerability(cybersecuritynews.com)
Researchers uncovered nine critical vulnerabilities in NVIDIA’s CUDA Toolkit, a cornerstone software suite for GPU-accelerated computing.
These vulnerabilities, spanning the cuobjdump and nvdisasm utilities, expose developers to denial-of-service (DoS) attacks and information disclosure risks when analyzing maliciously crafted cubin files.
With NVIDIA GPUs powering everything from AI research to scientific simulations, these flaws highlight systemic security challenges in foundational GPU development tools.
.webp)
Results of running the file command on a cubin file (Source – Palo Alto Networks)
CUDA binaries (.cubin) use the standardized ELF (Executable and Linkable Format) to encapsulate GPU-specific instructions alongside CPU-executable code.
While the researchers at Unit42 noted that the developers rely on two command-line tools to inspect these files:-
# Example cuobjdump command cuobjdump --dump-elf malicious.cubin
; Sample nvdisasm output nvdisasm --print-raw malicious.cubin /*0000*/ MOV R1, c [0x0][0x28] /*0008*/ MOV R2, c [0x0][0x2c]
Here below we have mentioned the all the nine vulnerabilities:-
Vulnerability Breakdown
A month-long fuzzing campaign revealed six flaws in cuobjdump and three in nvdisasm (Tables 1-2):-
ToolCVE RangeVulnerability TypeMax CVSScuobjdump2024-53870 to 53878Integer overflow, OOB reads3.3nvdisasm2024-53871, 53876-77OOB reads3.3
.webp)
Viewing the cubin file with the ELF template in 010 Editor (Source – Palo Alto Networks)
The most severe vulnerability (CVE-2024-53873) enables heap buffer overflow via integer overflow during cubin parsing.
Attackers could crash analysis tools or leak memory contents by distributing weaponized cubin files – a critical risk for AI development teams sharing pre-trained models.
NVIDIA’s February 2025 security update patches all nine CVEs. Developers must immediately upgrade to CUDA Toolkit versions 12.5.1 (Windows) or 11.9.2 (Linux).
Palo Alto Networks’ NGFW solutions (signatures 95847−95856) block exploitation attempts targeting unpatched systems.
Partial list of cuobjdump vulnerabilities (CVE-2024-53870, CVE-2024-53872, CVE-2024-53873, CVE-2024-53874, CVE-2024-53875, CVE-2024-53878).
Vulnerability Disclosure Timeline:-
This incident shows the security risks in GPU software supply chains. As CUDA dominates AI/ML development, hardening binary analysis tools becomes imperative to prevent cascading failures in GPU-dependent infrastructures.
// Hypothetical vulnerable code pattern uint32_t read_elf_section(uint8_t *data) { uint32_t size = *((uint32_t*)data); // CVE: No bounds check return size * sizeof(uint64_t); // Integer overflow possible }
Organizations should audit legacy CUDA projects and implement runtime monitoring for cubin analysis workflows.
The era of trusting GPU binaries as inert data files has ended – these vulnerabilities prove that even development utilities require memory-safe coding practices.
#Cyber_Security_News #Vulnerability #cyber_security_news #vulnerability
Оригинальная версия на сайте:
Multiple NVIDIA CUDA Toolkit Vulnerabilities Let Attackers Trigger DoS
Author: Tushar Subhra DuttaResearchers uncovered nine critical vulnerabilities in NVIDIA’s CUDA Toolkit, a cornerstone software suite for GPU-accelerated computing.
These vulnerabilities, spanning the cuobjdump and nvdisasm utilities, expose developers to denial-of-service (DoS) attacks and information disclosure risks when analyzing maliciously crafted cubin files.
With NVIDIA GPUs powering everything from AI research to scientific simulations, these flaws highlight systemic security challenges in foundational GPU development tools.
Results of running the file command on a cubin file (Source – Palo Alto Networks)CUDA binaries (.cubin) use the standardized ELF (Executable and Linkable Format) to encapsulate GPU-specific instructions alongside CPU-executable code.
While the researchers at Unit42 noted that the developers rely on two command-line tools to inspect these files:-
- cuobjdump (--dump-elf): Provides metadata about ELF sections
- nvdisasm (--print-raw): Disassembles GPU machine code
# Example cuobjdump command cuobjdump --dump-elf malicious.cubin
; Sample nvdisasm output nvdisasm --print-raw malicious.cubin /*0000*/ MOV R1, c [0x0][0x28] /*0008*/ MOV R2, c [0x0][0x2c]
Here below we have mentioned the all the nine vulnerabilities:-
- CVE-2024-53870
- CVE-2024-53872
- CVE-2024-53873
- CVE-2024-53874
- CVE-2024-53875
- CVE-2024-53878
- CVE-2024-53871
- CVE-2024-53876
- CVE-2024-53877
Vulnerability Breakdown
A month-long fuzzing campaign revealed six flaws in cuobjdump and three in nvdisasm (Tables 1-2):-
ToolCVE RangeVulnerability TypeMax CVSScuobjdump2024-53870 to 53878Integer overflow, OOB reads3.3nvdisasm2024-53871, 53876-77OOB reads3.3
Viewing the cubin file with the ELF template in 010 Editor (Source – Palo Alto Networks)The most severe vulnerability (CVE-2024-53873) enables heap buffer overflow via integer overflow during cubin parsing.
Attackers could crash analysis tools or leak memory contents by distributing weaponized cubin files – a critical risk for AI development teams sharing pre-trained models.
NVIDIA’s February 2025 security update patches all nine CVEs. Developers must immediately upgrade to CUDA Toolkit versions 12.5.1 (Windows) or 11.9.2 (Linux).
Palo Alto Networks’ NGFW solutions (signatures 95847−95856) block exploitation attempts targeting unpatched systems.
Partial list of cuobjdump vulnerabilities (CVE-2024-53870, CVE-2024-53872, CVE-2024-53873, CVE-2024-53874, CVE-2024-53875, CVE-2024-53878).
Vulnerability Disclosure Timeline:-
- Oct 2024: Initial discovery
- 18 Feb 2025: Patch release
- Active exploits: None confirmed
This incident shows the security risks in GPU software supply chains. As CUDA dominates AI/ML development, hardening binary analysis tools becomes imperative to prevent cascading failures in GPU-dependent infrastructures.
// Hypothetical vulnerable code pattern uint32_t read_elf_section(uint8_t *data) { uint32_t size = *((uint32_t*)data); // CVE: No bounds check return size * sizeof(uint64_t); // Integer overflow possible }
Organizations should audit legacy CUDA projects and implement runtime monitoring for cubin analysis workflows.
The era of trusting GPU binaries as inert data files has ended – these vulnerabilities prove that even development utilities require memory-safe coding practices.
#Cyber_Security_News #Vulnerability #cyber_security_news #vulnerability
Оригинальная версия на сайте:
