nvidia-cuda-toolkit - Debian Package Tracker

general

source: nvidia-cuda-toolkit (non-free)
version: 12.2.2-2
maintainer: Debian NVIDIA Maintainers (archive) (DMD)
uploaders: Graham Inggs [DMD] – Andreas Beckmann [DMD]
arch: all amd64 arm64 ppc64el
std-ver: 4.7.2
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 9.2.148-7+deb10u1
oldstable: 11.2.2-3+deb11u3
stable: 11.8.0-5~deb12u1
testing: 12.2.2-2
unstable: 12.2.2-2
exp: 12.3.0-1

versioned links

9.2.148-7+deb10u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
11.2.2-3+deb11u3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
11.8.0-5~deb12u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
12.2.2-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
12.3.0-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

gds-tools
libaccinj64-12.2
libcublas12
libcublaslt12
libcudart12
libcufft11
libcufftw11
libcufile-dev
libcufile-rdma1
libcufile0
libcuinj64-12.2
libcupti-dev
libcupti-doc
libcupti12
libcurand10
libcusolver11
libcusolvermg11
libcusparse12
libnppc12
libnppial12
libnppicc12
libnppidei12
libnppif12
libnppig12
libnppim12
libnppist12
libnppisu12
libnppitc12
libnpps12
libnvblas12
libnvidia-ml-dev
libnvjitlink12
libnvjpeg12
libnvrtc-builtins12.2
libnvrtc12
libnvtoolsext1
libnvvm4
nsight-compute (1 bugs: 0, 0, 1, 0)
nsight-compute-target
nsight-systems
nsight-systems-target
nvidia-cuda-dev
nvidia-cuda-gdb
nvidia-cuda-toolkit (3 bugs: 0, 1, 2, 0)
nvidia-cuda-toolkit-doc
nvidia-cuda-toolkit-gcc (1 bugs: 1, 0, 0, 0)
nvidia-fs-dkms
nvidia-opencl-dev
nvidia-openjdk-8-jre
nvidia-profiler
nvidia-visual-profiler

action needed

Marked for autoremoval on 20 May due to nvidia-graphics-drivers: #1092673, #1103862 high

Version 12.2.2-2 of nvidia-cuda-toolkit is marked for autoremoval from testing on Tue 20 May 2025. It is affected by #1092673. The removal of nvidia-cuda-toolkit will also cause the removal of (transitive) reverse dependencies: astra-toolbox, eztrace-contrib, gloo-cuda, gpu-burn, hwloc-contrib, magma, mumax3, nvidia-cudnn, nvidia-cudnn-frontend, nvidia-nccl, pycuda, python-pycudwt, python-scikit-cuda, pytorch-cuda, pyvkfft-cuda, slurm-wlm-contrib, starpu-contrib, stdgpu-contrib, tabnet, tensorpipe-cuda, tomopy. It depends (transitively) on nvidia-graphics-drivers, affected by #1103862. You should try to prevent the removal by fixing these RC bugs.

Created: 2025-04-20 Last update: 2025-05-01 01:33

A new upstream version is available: 12.8.1 high

A new upstream version 12.8.1 is available, you should consider packaging it.

Created: 2023-10-07 Last update: 2025-04-30 22:00

8 security issues in trixie high

There are 8 open security issues in trixie.

8 important issues:

CVE-2024-0072: NVIDIA CUDA toolkit for all platforms contains a vulnerability in cuobjdump and nvdisasm where an attacker may cause a crash by tricking a user into reading a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of service.
CVE-2024-0076: NVIDIA CUDA toolkit for all platforms contains a vulnerability in cuobjdump and nvdisasm where an attacker may cause a crash by tricking a user into reading a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of service.
CVE-2024-0102: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm, where an attacker can cause an out-of-bounds read issue by deceiving a user into reading a malformed ELF file. A successful exploit of this vulnerability might lead to denial of service.
CVE-2024-0109: NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause a crash by passing in a malformed ELF file. A successful exploit of this vulnerability may cause an out of bounds read in the unprivileged process memory which could lead to a limited denial of service.
CVE-2024-0110: NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause an out-of-bound write by passing in a malformed ELF file. A successful exploit of this vulnerability may lead to code execution or denial of service.
CVE-2024-0111: NVIDIA CUDA Toolkit contains a vulnerability in command 'cuobjdump' where a user may cause a crash or produce incorrect output by passing a malformed ELF file. A successful exploit of this vulnerability may lead to a limited denial of service or data tampering.
CVE-2024-0123: NVIDIA CUDA toolkit for Windows and Linux contains a vulnerability in the nvdisasm command line tool where an attacker may cause an improper validation in input issue by tricking the user into running nvdisasm on a malicious ELF file. A successful exploit of this vulnerability may lead to denial of service.
CVE-2024-0124: NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line tool, where a user can cause nvdisasm to read freed memory by running it on a malformed ELF file. A successful exploit of this vulnerability might lead to a limited denial of service.

Created: 2024-04-06 Last update: 2025-04-30 18:04

8 security issues in sid high

There are 8 open security issues in sid.

8 important issues:

CVE-2024-0072: NVIDIA CUDA toolkit for all platforms contains a vulnerability in cuobjdump and nvdisasm where an attacker may cause a crash by tricking a user into reading a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of service.
CVE-2024-0076: NVIDIA CUDA toolkit for all platforms contains a vulnerability in cuobjdump and nvdisasm where an attacker may cause a crash by tricking a user into reading a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of service.
CVE-2024-0102: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm, where an attacker can cause an out-of-bounds read issue by deceiving a user into reading a malformed ELF file. A successful exploit of this vulnerability might lead to denial of service.
CVE-2024-0109: NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause a crash by passing in a malformed ELF file. A successful exploit of this vulnerability may cause an out of bounds read in the unprivileged process memory which could lead to a limited denial of service.
CVE-2024-0110: NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause an out-of-bound write by passing in a malformed ELF file. A successful exploit of this vulnerability may lead to code execution or denial of service.
CVE-2024-0111: NVIDIA CUDA Toolkit contains a vulnerability in command 'cuobjdump' where a user may cause a crash or produce incorrect output by passing a malformed ELF file. A successful exploit of this vulnerability may lead to a limited denial of service or data tampering.
CVE-2024-0123: NVIDIA CUDA toolkit for Windows and Linux contains a vulnerability in the nvdisasm command line tool where an attacker may cause an improper validation in input issue by tricking the user into running nvdisasm on a malicious ELF file. A successful exploit of this vulnerability may lead to denial of service.
CVE-2024-0124: NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line tool, where a user can cause nvdisasm to read freed memory by running it on a malformed ELF file. A successful exploit of this vulnerability might lead to a limited denial of service.

Created: 2024-04-06 Last update: 2025-04-30 18:04

10 security issues in bullseye high

There are 10 open security issues in bullseye.

2 important issues:

CVE-2024-0123: NVIDIA CUDA toolkit for Windows and Linux contains a vulnerability in the nvdisasm command line tool where an attacker may cause an improper validation in input issue by tricking the user into running nvdisasm on a malicious ELF file. A successful exploit of this vulnerability may lead to denial of service.
CVE-2024-0124: NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line tool, where a user can cause nvdisasm to read freed memory by running it on a malformed ELF file. A successful exploit of this vulnerability might lead to a limited denial of service.

5 issues postponed or untriaged:

CVE-2024-0072: (needs triaging) NVIDIA CUDA toolkit for all platforms contains a vulnerability in cuobjdump and nvdisasm where an attacker may cause a crash by tricking a user into reading a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of service.
CVE-2024-0076: (needs triaging) NVIDIA CUDA toolkit for all platforms contains a vulnerability in cuobjdump and nvdisasm where an attacker may cause a crash by tricking a user into reading a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of service.
CVE-2024-0102: (needs triaging) NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm, where an attacker can cause an out-of-bounds read issue by deceiving a user into reading a malformed ELF file. A successful exploit of this vulnerability might lead to denial of service.
CVE-2022-21821: (needs triaging) NVIDIA CUDA Toolkit SDK contains an integer overflow vulnerability in cuobjdump.To exploit this vulnerability, a remote attacker would require a local user to download a specially crafted, corrupted file and locally execute cuobjdump against the file. Such an attack may lead to remote code execution that causes complete denial of service and an impact on data confidentiality and integrity.
CVE-2022-34667: (needs triaging) NVIDIA CUDA Toolkit SDK contains a stack-based buffer overflow vulnerability in cuobjdump, where an unprivileged remote attacker could exploit this buffer overflow condition by persuading a local user to download a specially crafted corrupted file and execute cuobjdump against it locally, which may lead to a limited denial of service and some loss of data integrity for the local user.

3 ignored issues:

CVE-2024-0109: NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause a crash by passing in a malformed ELF file. A successful exploit of this vulnerability may cause an out of bounds read in the unprivileged process memory which could lead to a limited denial of service.
CVE-2024-0110: NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause an out-of-bound write by passing in a malformed ELF file. A successful exploit of this vulnerability may lead to code execution or denial of service.
CVE-2024-0111: NVIDIA CUDA Toolkit contains a vulnerability in command 'cuobjdump' where a user may cause a crash or produce incorrect output by passing a malformed ELF file. A successful exploit of this vulnerability may lead to a limited denial of service or data tampering.

Created: 2024-10-03 Last update: 2025-04-30 18:04

The VCS repository is not up to date, push the missing commits. high

vcswatch reports that the current version of the package is not in its VCS.
Either you need to push your commits and/or your tags, or the information about the package's VCS are out of date. A common cause of the latter issue when using the Git VCS is not specifying the correct branch when the packaging is not in the default one (remote HEAD branch), which is usually "master" but can be modified in salsa.debian.org in the project's general settings with the "Default Branch" field). Alternatively the Vcs-Git field in debian/control can contain a "-b <branch-name>" suffix to indicate what branch is used for the Debian packaging.

Created: 2025-04-29 Last update: 2025-04-29 22:58

5 security issues in buster high

There are 5 open security issues in buster.

2 important issues:

CVE-2024-0072: NVIDIA CUDA toolkit for all platforms contains a vulnerability in cuobjdump and nvdisasm where an attacker may cause a crash by tricking a user into reading a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of service.
CVE-2024-0076: NVIDIA CUDA toolkit for all platforms contains a vulnerability in cuobjdump and nvdisasm where an attacker may cause a crash by tricking a user into reading a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of service.

2 issues postponed or untriaged:

CVE-2022-21821: (needs triaging) NVIDIA CUDA Toolkit SDK contains an integer overflow vulnerability in cuobjdump.To exploit this vulnerability, a remote attacker would require a local user to download a specially crafted, corrupted file and locally execute cuobjdump against the file. Such an attack may lead to remote code execution that causes complete denial of service and an impact on data confidentiality and integrity.
CVE-2022-34667: (needs triaging) NVIDIA CUDA Toolkit SDK contains a stack-based buffer overflow vulnerability in cuobjdump, where an unprivileged remote attacker could exploit this buffer overflow condition by persuading a local user to download a specially crafted corrupted file and execute cuobjdump against it locally, which may lead to a limited denial of service and some loss of data integrity for the local user.

1 ignored issue:

CVE-2020-5991: NVIDIA CUDA Toolkit, all versions prior to 11.1.1, contains a vulnerability in the NVJPEG library in which an out-of-bounds read or write operation may lead to code execution, denial of service, or information disclosure.

Created: 2024-04-06 Last update: 2024-05-18 04:38

8 low-priority security issues in bookworm low

There are 8 open security issues in bookworm.

8 issues left for the package maintainer to handle:

CVE-2024-0072: (needs triaging) NVIDIA CUDA toolkit for all platforms contains a vulnerability in cuobjdump and nvdisasm where an attacker may cause a crash by tricking a user into reading a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of service.
CVE-2024-0076: (needs triaging) NVIDIA CUDA toolkit for all platforms contains a vulnerability in cuobjdump and nvdisasm where an attacker may cause a crash by tricking a user into reading a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of service.
CVE-2024-0102: (needs triaging) NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm, where an attacker can cause an out-of-bounds read issue by deceiving a user into reading a malformed ELF file. A successful exploit of this vulnerability might lead to denial of service.
CVE-2024-0109: (needs triaging) NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause a crash by passing in a malformed ELF file. A successful exploit of this vulnerability may cause an out of bounds read in the unprivileged process memory which could lead to a limited denial of service.
CVE-2024-0110: (needs triaging) NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause an out-of-bound write by passing in a malformed ELF file. A successful exploit of this vulnerability may lead to code execution or denial of service.
CVE-2024-0111: (needs triaging) NVIDIA CUDA Toolkit contains a vulnerability in command 'cuobjdump' where a user may cause a crash or produce incorrect output by passing a malformed ELF file. A successful exploit of this vulnerability may lead to a limited denial of service or data tampering.
CVE-2024-0123: (needs triaging) NVIDIA CUDA toolkit for Windows and Linux contains a vulnerability in the nvdisasm command line tool where an attacker may cause an improper validation in input issue by tricking the user into running nvdisasm on a malicious ELF file. A successful exploit of this vulnerability may lead to denial of service.
CVE-2024-0124: (needs triaging) NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line tool, where a user can cause nvdisasm to read freed memory by running it on a malformed ELF file. A successful exploit of this vulnerability might lead to a limited denial of service.

You can find information about how to handle these issues in the security team's documentation.

Created: 2024-04-06 Last update: 2025-04-30 18:04

Build log checks report 1 warning low

Build log checks report 1 warning

Created: 2025-01-10 Last update: 2025-01-10 00:32

news

[rss feed]

[2025-04-29] Accepted nvidia-cuda-toolkit 12.3.0-1 (source amd64 all) into experimental (Debian FTP Masters) (signed by: Andreas Beckmann)
[2025-03-18] nvidia-cuda-toolkit 12.2.2-2 MIGRATED to testing (Debian testing watch)
[2025-03-13] Accepted nvidia-cuda-toolkit 12.2.2-2 (source) into unstable (Andreas Beckmann)
[2025-02-19] Accepted nvidia-cuda-toolkit 12.2.2-1 (source) into unstable (Andreas Beckmann)
[2025-01-21] nvidia-cuda-toolkit 12.2.1-3 MIGRATED to testing (Debian testing watch)
[2025-01-15] Accepted nvidia-cuda-toolkit 12.2.1-3 (source) into unstable (Andreas Beckmann)
[2025-01-07] Accepted nvidia-cuda-toolkit 12.2.1-2 (source) into unstable (Andreas Beckmann)
[2025-01-05] Accepted nvidia-cuda-toolkit 12.2.1-1 (source) into unstable (Andreas Beckmann)
[2024-10-31] nvidia-cuda-toolkit 12.2.0-3 MIGRATED to testing (Debian testing watch)
[2024-10-25] Accepted nvidia-cuda-toolkit 12.2.0-3 (source) into unstable (Andreas Beckmann)
[2024-10-16] Accepted nvidia-cuda-toolkit 12.2.0-2 (source) into experimental (Andreas Beckmann)
[2024-10-11] nvidia-cuda-toolkit 12.1.1-4 MIGRATED to testing (Debian testing watch)
[2024-10-05] Accepted nvidia-cuda-toolkit 12.1.1-4 (source) into unstable (Andreas Beckmann)
[2024-10-05] nvidia-cuda-toolkit 12.1.1-3 MIGRATED to testing (Debian testing watch)
[2024-09-30] Accepted nvidia-cuda-toolkit 12.1.1-3 (source) into unstable (Andreas Beckmann)
[2024-07-23] nvidia-cuda-toolkit 12.1.1-2 MIGRATED to testing (Debian testing watch)
[2024-07-17] Accepted nvidia-cuda-toolkit 12.1.1-2 (source) into unstable (Graham Inggs)
[2024-06-21] Accepted nvidia-cuda-toolkit 12.2.0-1 (source amd64 all) into experimental (Debian FTP Masters) (signed by: Andreas Beckmann)
[2024-05-18] nvidia-cuda-toolkit 12.1.1-1 MIGRATED to testing (Debian testing watch)
[2024-05-12] Accepted nvidia-cuda-toolkit 12.1.1-1 (source) into unstable (Andreas Beckmann)
[2024-05-11] nvidia-cuda-toolkit 12.1.0-2 MIGRATED to testing (Debian testing watch)
[2024-05-06] Accepted nvidia-cuda-toolkit 12.1.0-2 (source) into unstable (Andreas Beckmann)
[2024-05-06] nvidia-cuda-toolkit 12.0.1-6 MIGRATED to testing (Debian testing watch)
[2024-05-01] Accepted nvidia-cuda-toolkit 12.0.1-6 (source) into unstable (Andreas Beckmann)
[2024-04-30] nvidia-cuda-toolkit 12.0.1-5 MIGRATED to testing (Debian testing watch)
[2024-03-10] Accepted nvidia-cuda-toolkit 12.0.1-5 (source) into unstable (Andreas Beckmann)
[2024-01-14] nvidia-cuda-toolkit 12.0.1-4 MIGRATED to testing (Debian testing watch)
[2024-01-08] Accepted nvidia-cuda-toolkit 12.0.1-4 (source) into unstable (Andreas Beckmann)
[2023-10-12] nvidia-cuda-toolkit 12.0.1-3 MIGRATED to testing (Debian testing watch)
[2023-10-12] nvidia-cuda-toolkit 12.0.1-3 MIGRATED to testing (Debian testing watch)

bugs [bug history graph]

all: 14
RC: 1
I&N: 9
M&W: 4
F&P: 0
patch: 0

links

homepage
buildd: logs, exp, checks, cross
popcon
browse source code
edit tags
other distros
security tracker
screenshots
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 12.2.2-2build1
7 bugs