nvidia-cuda-toolkit - Debian Package Tracker

general

source: nvidia-cuda-toolkit (non-free)
version: 12.4.1-4
maintainer: Debian NVIDIA Maintainers (archive) (DMD)
uploaders: Andreas Beckmann [DMD] – Graham Inggs [DMD]
arch: all amd64 arm64 ppc64el
std-ver: 4.7.2
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 11.2.2-3+deb11u3
oldstable: 11.8.0-5~deb12u1
stable: 12.4.1-2
testing: 12.4.1-3
unstable: 12.4.1-4
exp: 12.5.0-1

versioned links

11.2.2-3+deb11u3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
11.8.0-5~deb12u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
12.4.1-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
12.4.1-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
12.4.1-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
12.5.0-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

gds-tools
libaccinj64-12.4
libarrow500
libcublas12
libcublaslt12
libcudart12
libcufft11
libcufftw11
libcufile-dev
libcufile-rdma1
libcufile0
libcuinj64-12.4
libcupti-dev
libcupti-doc
libcupti12
libcurand10
libcusolver11
libcusolvermg11
libcusparse12
libnppc12
libnppial12
libnppicc12
libnppidei12
libnppif12
libnppig12
libnppim12
libnppist12
libnppisu12
libnppitc12
libnpps12
libnvblas12
libnvfatbin12
libnvidia-ml-dev
libnvjitlink12
libnvjpeg12
libnvrtc-builtins12.4
libnvrtc12
libnvtoolsext1
libnvvm4
libparquet500
nsight-compute (1 bugs: 0, 0, 1, 0)
nsight-compute-target
nsight-systems
nsight-systems-target
nvidia-cuda-dev
nvidia-cuda-gdb
nvidia-cuda-toolkit (3 bugs: 0, 1, 2, 0)
nvidia-cuda-toolkit-doc
nvidia-cuda-toolkit-gcc
nvidia-fs-dkms
nvidia-opencl-dev
nvidia-openjdk-8-jre (1 bugs: 0, 1, 0, 0)
nvidia-profiler
nvidia-visual-profiler

action needed

Marked for autoremoval on 19 October: #1114235 high

Version 12.4.1-3 of nvidia-cuda-toolkit is marked for autoremoval from testing on Sun 19 Oct 2025. It is affected by #1114235. The removal of nvidia-cuda-toolkit will also cause the removal of (transitive) reverse dependencies: astra-toolbox, eztrace-contrib, ggml, gloo-cuda, gpu-burn, hwloc-contrib, llama.cpp, magma, mumax3, nvidia-cudnn, nvidia-cudnn-frontend, nvidia-nccl, pycuda, python-pycudwt, python-scikit-cuda, pytorch-cuda, pyvkfft-cuda, slurm-wlm-contrib, starpu-contrib, stdgpu-contrib, tabnet, tensorpipe-cuda, tomopy. You should try to prevent the removal by fixing these RC bugs.

Created: 2025-09-12 Last update: 2025-09-18 06:02

A new upstream version is available: 13.0.1 high

A new upstream version 13.0.1 is available, you should consider packaging it.

Created: 2023-10-07 Last update: 2025-09-18 01:32

The VCS repository is not up to date, push the missing commits. high

vcswatch reports that the current version of the package is not in its VCS.
Either you need to push your commits and/or your tags, or the information about the package's VCS are out of date. A common cause of the latter issue when using the Git VCS is not specifying the correct branch when the packaging is not in the default one (remote HEAD branch), which is usually "master" but can be modified in salsa.debian.org in the project's general settings with the "Default Branch" field). Alternatively the Vcs-Git field in debian/control can contain a "-b <branch-name>" suffix to indicate what branch is used for the Debian packaging.

Created: 2025-09-12 Last update: 2025-09-17 09:05

7 security issues in sid high

There are 7 open security issues in sid.

7 important issues:

CVE-2024-0102: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm, where an attacker can cause an out-of-bounds read issue by deceiving a user into reading a malformed ELF file. A successful exploit of this vulnerability might lead to denial of service.
CVE-2024-0109: NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause a crash by passing in a malformed ELF file. A successful exploit of this vulnerability may cause an out of bounds read in the unprivileged process memory which could lead to a limited denial of service.
CVE-2024-0110: NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause an out-of-bound write by passing in a malformed ELF file. A successful exploit of this vulnerability may lead to code execution or denial of service.
CVE-2024-0111: NVIDIA CUDA Toolkit contains a vulnerability in command 'cuobjdump' where a user may cause a crash or produce incorrect output by passing a malformed ELF file. A successful exploit of this vulnerability may lead to a limited denial of service or data tampering.
CVE-2024-0123: NVIDIA CUDA toolkit for Windows and Linux contains a vulnerability in the nvdisasm command line tool where an attacker may cause an improper validation in input issue by tricking the user into running nvdisasm on a malicious ELF file. A successful exploit of this vulnerability may lead to denial of service.
CVE-2024-0124: NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line tool, where a user can cause nvdisasm to read freed memory by running it on a malformed ELF file. A successful exploit of this vulnerability might lead to a limited denial of service.
CVE-2025-23247: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a failure to check the length of a buffer could allow a user to cause the tool to crash or execute arbitrary code by passing in a malformed ELF file. A successful exploit of this vulnerability might lead to arbitrary code execution.

Created: 2024-04-06 Last update: 2025-09-14 05:30

7 security issues in forky high

There are 7 open security issues in forky.

7 important issues:

CVE-2024-0102: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm, where an attacker can cause an out-of-bounds read issue by deceiving a user into reading a malformed ELF file. A successful exploit of this vulnerability might lead to denial of service.
CVE-2024-0109: NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause a crash by passing in a malformed ELF file. A successful exploit of this vulnerability may cause an out of bounds read in the unprivileged process memory which could lead to a limited denial of service.
CVE-2024-0110: NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause an out-of-bound write by passing in a malformed ELF file. A successful exploit of this vulnerability may lead to code execution or denial of service.
CVE-2024-0111: NVIDIA CUDA Toolkit contains a vulnerability in command 'cuobjdump' where a user may cause a crash or produce incorrect output by passing a malformed ELF file. A successful exploit of this vulnerability may lead to a limited denial of service or data tampering.
CVE-2024-0123: NVIDIA CUDA toolkit for Windows and Linux contains a vulnerability in the nvdisasm command line tool where an attacker may cause an improper validation in input issue by tricking the user into running nvdisasm on a malicious ELF file. A successful exploit of this vulnerability may lead to denial of service.
CVE-2024-0124: NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line tool, where a user can cause nvdisasm to read freed memory by running it on a malformed ELF file. A successful exploit of this vulnerability might lead to a limited denial of service.
CVE-2025-23247: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a failure to check the length of a buffer could allow a user to cause the tool to crash or execute arbitrary code by passing in a malformed ELF file. A successful exploit of this vulnerability might lead to arbitrary code execution.

Created: 2025-08-09 Last update: 2025-09-14 05:30

11 security issues in bullseye high

There are 11 open security issues in bullseye.

3 important issues:

CVE-2024-0123: NVIDIA CUDA toolkit for Windows and Linux contains a vulnerability in the nvdisasm command line tool where an attacker may cause an improper validation in input issue by tricking the user into running nvdisasm on a malicious ELF file. A successful exploit of this vulnerability may lead to denial of service.
CVE-2024-0124: NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line tool, where a user can cause nvdisasm to read freed memory by running it on a malformed ELF file. A successful exploit of this vulnerability might lead to a limited denial of service.
CVE-2025-23247: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a failure to check the length of a buffer could allow a user to cause the tool to crash or execute arbitrary code by passing in a malformed ELF file. A successful exploit of this vulnerability might lead to arbitrary code execution.

5 issues postponed or untriaged:

CVE-2024-0072: (needs triaging) NVIDIA CUDA toolkit for all platforms contains a vulnerability in cuobjdump and nvdisasm where an attacker may cause a crash by tricking a user into reading a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of service.
CVE-2024-0076: (needs triaging) NVIDIA CUDA toolkit for all platforms contains a vulnerability in cuobjdump and nvdisasm where an attacker may cause a crash by tricking a user into reading a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of service.
CVE-2024-0102: (needs triaging) NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm, where an attacker can cause an out-of-bounds read issue by deceiving a user into reading a malformed ELF file. A successful exploit of this vulnerability might lead to denial of service.
CVE-2022-21821: (needs triaging) NVIDIA CUDA Toolkit SDK contains an integer overflow vulnerability in cuobjdump.To exploit this vulnerability, a remote attacker would require a local user to download a specially crafted, corrupted file and locally execute cuobjdump against the file. Such an attack may lead to remote code execution that causes complete denial of service and an impact on data confidentiality and integrity.
CVE-2022-34667: (needs triaging) NVIDIA CUDA Toolkit SDK contains a stack-based buffer overflow vulnerability in cuobjdump, where an unprivileged remote attacker could exploit this buffer overflow condition by persuading a local user to download a specially crafted corrupted file and execute cuobjdump against it locally, which may lead to a limited denial of service and some loss of data integrity for the local user.

3 ignored issues:

CVE-2024-0109: NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause a crash by passing in a malformed ELF file. A successful exploit of this vulnerability may cause an out of bounds read in the unprivileged process memory which could lead to a limited denial of service.
CVE-2024-0110: NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause an out-of-bound write by passing in a malformed ELF file. A successful exploit of this vulnerability may lead to code execution or denial of service.
CVE-2024-0111: NVIDIA CUDA Toolkit contains a vulnerability in command 'cuobjdump' where a user may cause a crash or produce incorrect output by passing a malformed ELF file. A successful exploit of this vulnerability may lead to a limited denial of service or data tampering.

Created: 2024-10-03 Last update: 2025-09-14 05:30

5 security issues in buster high

There are 5 open security issues in buster.

2 important issues:

CVE-2024-0072: NVIDIA CUDA toolkit for all platforms contains a vulnerability in cuobjdump and nvdisasm where an attacker may cause a crash by tricking a user into reading a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of service.
CVE-2024-0076: NVIDIA CUDA toolkit for all platforms contains a vulnerability in cuobjdump and nvdisasm where an attacker may cause a crash by tricking a user into reading a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of service.

2 issues postponed or untriaged:

CVE-2022-21821: (needs triaging) NVIDIA CUDA Toolkit SDK contains an integer overflow vulnerability in cuobjdump.To exploit this vulnerability, a remote attacker would require a local user to download a specially crafted, corrupted file and locally execute cuobjdump against the file. Such an attack may lead to remote code execution that causes complete denial of service and an impact on data confidentiality and integrity.
CVE-2022-34667: (needs triaging) NVIDIA CUDA Toolkit SDK contains a stack-based buffer overflow vulnerability in cuobjdump, where an unprivileged remote attacker could exploit this buffer overflow condition by persuading a local user to download a specially crafted corrupted file and execute cuobjdump against it locally, which may lead to a limited denial of service and some loss of data integrity for the local user.

1 ignored issue:

CVE-2020-5991: NVIDIA CUDA Toolkit, all versions prior to 11.1.1, contains a vulnerability in the NVJPEG library in which an out-of-bounds read or write operation may lead to code execution, denial of service, or information disclosure.

Created: 2024-04-06 Last update: 2024-05-18 04:38

lintian reports 12 warnings normal

Lintian reports 12 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2025-09-15 Last update: 2025-09-15 03:04

7 low-priority security issues in trixie low

There are 7 open security issues in trixie.

7 issues left for the package maintainer to handle:

CVE-2024-0102: (needs triaging) NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm, where an attacker can cause an out-of-bounds read issue by deceiving a user into reading a malformed ELF file. A successful exploit of this vulnerability might lead to denial of service.
CVE-2024-0109: (needs triaging) NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause a crash by passing in a malformed ELF file. A successful exploit of this vulnerability may cause an out of bounds read in the unprivileged process memory which could lead to a limited denial of service.
CVE-2024-0110: (needs triaging) NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause an out-of-bound write by passing in a malformed ELF file. A successful exploit of this vulnerability may lead to code execution or denial of service.
CVE-2024-0111: (needs triaging) NVIDIA CUDA Toolkit contains a vulnerability in command 'cuobjdump' where a user may cause a crash or produce incorrect output by passing a malformed ELF file. A successful exploit of this vulnerability may lead to a limited denial of service or data tampering.
CVE-2024-0123: (needs triaging) NVIDIA CUDA toolkit for Windows and Linux contains a vulnerability in the nvdisasm command line tool where an attacker may cause an improper validation in input issue by tricking the user into running nvdisasm on a malicious ELF file. A successful exploit of this vulnerability may lead to denial of service.
CVE-2024-0124: (needs triaging) NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line tool, where a user can cause nvdisasm to read freed memory by running it on a malformed ELF file. A successful exploit of this vulnerability might lead to a limited denial of service.
CVE-2025-23247: (needs triaging) NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a failure to check the length of a buffer could allow a user to cause the tool to crash or execute arbitrary code by passing in a malformed ELF file. A successful exploit of this vulnerability might lead to arbitrary code execution.

You can find information about how to handle these issues in the security team's documentation.

Created: 2024-04-06 Last update: 2025-09-14 05:30

9 low-priority security issues in bookworm low

There are 9 open security issues in bookworm.

9 issues left for the package maintainer to handle:

CVE-2024-0072: (needs triaging) NVIDIA CUDA toolkit for all platforms contains a vulnerability in cuobjdump and nvdisasm where an attacker may cause a crash by tricking a user into reading a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of service.
CVE-2024-0076: (needs triaging) NVIDIA CUDA toolkit for all platforms contains a vulnerability in cuobjdump and nvdisasm where an attacker may cause a crash by tricking a user into reading a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of service.
CVE-2024-0102: (needs triaging) NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm, where an attacker can cause an out-of-bounds read issue by deceiving a user into reading a malformed ELF file. A successful exploit of this vulnerability might lead to denial of service.
CVE-2024-0109: (needs triaging) NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause a crash by passing in a malformed ELF file. A successful exploit of this vulnerability may cause an out of bounds read in the unprivileged process memory which could lead to a limited denial of service.
CVE-2024-0110: (needs triaging) NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause an out-of-bound write by passing in a malformed ELF file. A successful exploit of this vulnerability may lead to code execution or denial of service.
CVE-2024-0111: (needs triaging) NVIDIA CUDA Toolkit contains a vulnerability in command 'cuobjdump' where a user may cause a crash or produce incorrect output by passing a malformed ELF file. A successful exploit of this vulnerability may lead to a limited denial of service or data tampering.
CVE-2024-0123: (needs triaging) NVIDIA CUDA toolkit for Windows and Linux contains a vulnerability in the nvdisasm command line tool where an attacker may cause an improper validation in input issue by tricking the user into running nvdisasm on a malicious ELF file. A successful exploit of this vulnerability may lead to denial of service.
CVE-2024-0124: (needs triaging) NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line tool, where a user can cause nvdisasm to read freed memory by running it on a malformed ELF file. A successful exploit of this vulnerability might lead to a limited denial of service.
CVE-2025-23247: (needs triaging) NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a failure to check the length of a buffer could allow a user to cause the tool to crash or execute arbitrary code by passing in a malformed ELF file. A successful exploit of this vulnerability might lead to arbitrary code execution.

You can find information about how to handle these issues in the security team's documentation.

Created: 2024-04-06 Last update: 2025-09-14 05:30

testing migrations

This package will soon be part of the qt6base-abi-6.9.2 transition. You might want to ensure that your package is ready for it. You can probably find supplementary information in the debian-release archives or in the corresponding release.debian.org bug.
excuses:
- Migration status for nvidia-cuda-toolkit (12.4.1-3 to 12.4.1-4): Waiting for test results or another package, or too young (no action required now - check later)
- Issues preventing migration:
- ∙ ∙ Too young, only 4 of 5 days old
- Additional info:
- ∙ ∙ Updating nvidia-cuda-toolkit will fix bugs in testing: #1114235
- ∙ ∙ Cannot be tested by piuparts (not a blocker) - (no link yet)
- Not considered

news

[rss feed]

[2025-09-13] Accepted nvidia-cuda-toolkit 12.4.1-4 (source) into unstable (Andreas Beckmann)
[2025-09-12] Accepted nvidia-cuda-toolkit 12.5.0-1 (source amd64 all) into experimental (Debian FTP Masters) (signed by: Andreas Beckmann)
[2025-08-21] nvidia-cuda-toolkit 12.4.1-3 MIGRATED to testing (Debian testing watch)
[2025-08-16] Accepted nvidia-cuda-toolkit 12.4.1-3 (source) into unstable (Andreas Beckmann)
[2025-07-26] nvidia-cuda-toolkit 12.4.1-2 MIGRATED to testing (Debian testing watch)
[2025-07-21] Accepted nvidia-cuda-toolkit 12.4.1-2 (source) into unstable (Andreas Beckmann)
[2025-06-15] nvidia-cuda-toolkit 12.4.1-1 MIGRATED to testing (Debian testing watch)
[2025-06-12] Accepted nvidia-cuda-toolkit 12.4.1-1 (source) into unstable (Andreas Beckmann)
[2025-06-11] nvidia-cuda-toolkit 12.3.2-1 MIGRATED to testing (Debian testing watch)
[2025-05-22] Accepted nvidia-cuda-toolkit 12.4.0-2 (source) into experimental (Andreas Beckmann)
[2025-05-18] Accepted nvidia-cuda-toolkit 12.4.0-1 (source amd64 all) into experimental (Debian FTP Masters) (signed by: Andreas Beckmann)
[2025-05-07] Accepted nvidia-cuda-toolkit 12.3.2-1 (source) into unstable (Andreas Beckmann)
[2025-05-03] Accepted nvidia-cuda-toolkit 12.3.1-1 (source) into experimental (Andreas Beckmann)
[2025-04-29] Accepted nvidia-cuda-toolkit 12.3.0-1 (source amd64 all) into experimental (Debian FTP Masters) (signed by: Andreas Beckmann)
[2025-03-18] nvidia-cuda-toolkit 12.2.2-2 MIGRATED to testing (Debian testing watch)
[2025-03-13] Accepted nvidia-cuda-toolkit 12.2.2-2 (source) into unstable (Andreas Beckmann)
[2025-02-19] Accepted nvidia-cuda-toolkit 12.2.2-1 (source) into unstable (Andreas Beckmann)
[2025-01-21] nvidia-cuda-toolkit 12.2.1-3 MIGRATED to testing (Debian testing watch)
[2025-01-15] Accepted nvidia-cuda-toolkit 12.2.1-3 (source) into unstable (Andreas Beckmann)
[2025-01-07] Accepted nvidia-cuda-toolkit 12.2.1-2 (source) into unstable (Andreas Beckmann)
[2025-01-05] Accepted nvidia-cuda-toolkit 12.2.1-1 (source) into unstable (Andreas Beckmann)
[2024-10-31] nvidia-cuda-toolkit 12.2.0-3 MIGRATED to testing (Debian testing watch)
[2024-10-25] Accepted nvidia-cuda-toolkit 12.2.0-3 (source) into unstable (Andreas Beckmann)
[2024-10-16] Accepted nvidia-cuda-toolkit 12.2.0-2 (source) into experimental (Andreas Beckmann)
[2024-10-11] nvidia-cuda-toolkit 12.1.1-4 MIGRATED to testing (Debian testing watch)
[2024-10-05] Accepted nvidia-cuda-toolkit 12.1.1-4 (source) into unstable (Andreas Beckmann)
[2024-10-05] nvidia-cuda-toolkit 12.1.1-3 MIGRATED to testing (Debian testing watch)
[2024-09-30] Accepted nvidia-cuda-toolkit 12.1.1-3 (source) into unstable (Andreas Beckmann)
[2024-07-23] nvidia-cuda-toolkit 12.1.1-2 MIGRATED to testing (Debian testing watch)
[2024-07-17] Accepted nvidia-cuda-toolkit 12.1.1-2 (source) into unstable (Graham Inggs)

bugs [bug history graph]

all: 14
RC: 0
I&N: 10
M&W: 4
F&P: 0
patch: 0

links

homepage
lintian (0, 12)
buildd: logs, exp, cross
popcon
browse source code
edit tags
other distros
security tracker
screenshots
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 12.4.1-4
9 bugs