Register | Log in

nvidia-cuda-toolkit

NVIDIA CUDA development toolkit

Choose email to subscribe with

general

source: nvidia-cuda-toolkit (non-free)
version: 12.4.1-2
maintainer: Debian NVIDIA Maintainers (archive) (DMD)
uploaders: Andreas Beckmann [DMD] – Graham Inggs [DMD]
arch: all amd64 arm64 ppc64el
std-ver: 4.7.2
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

oldstable: 11.2.2-3+deb11u3
stable: 11.8.0-5~deb12u1
testing: 12.4.1-1
unstable: 12.4.1-2

versioned links

11.2.2-3+deb11u3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
11.8.0-5~deb12u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
12.4.1-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
12.4.1-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

action needed

A new upstream version is available: 13.0.0 high

A new upstream version 13.0.0 is available, you should consider packaging it.

Created: 2023-10-07 Last update: 2025-08-07 07:03

7 security issues in trixie high

There are 7 open security issues in trixie.

7 important issues:

CVE-2024-0102: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm, where an attacker can cause an out-of-bounds read issue by deceiving a user into reading a malformed ELF file. A successful exploit of this vulnerability might lead to denial of service.
CVE-2024-0109: NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause a crash by passing in a malformed ELF file. A successful exploit of this vulnerability may cause an out of bounds read in the unprivileged process memory which could lead to a limited denial of service.
CVE-2024-0110: NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause an out-of-bound write by passing in a malformed ELF file. A successful exploit of this vulnerability may lead to code execution or denial of service.
CVE-2024-0111: NVIDIA CUDA Toolkit contains a vulnerability in command 'cuobjdump' where a user may cause a crash or produce incorrect output by passing a malformed ELF file. A successful exploit of this vulnerability may lead to a limited denial of service or data tampering.
CVE-2024-0123: NVIDIA CUDA toolkit for Windows and Linux contains a vulnerability in the nvdisasm command line tool where an attacker may cause an improper validation in input issue by tricking the user into running nvdisasm on a malicious ELF file. A successful exploit of this vulnerability may lead to denial of service.
CVE-2024-0124: NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line tool, where a user can cause nvdisasm to read freed memory by running it on a malformed ELF file. A successful exploit of this vulnerability might lead to a limited denial of service.
CVE-2025-23247: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a failure to check the length of a buffer could allow a user to cause the tool to crash or execute arbitrary code by passing in a malformed ELF file. A successful exploit of this vulnerability might lead to arbitrary code execution.

Created: 2024-04-06 Last update: 2025-07-25 18:00

7 security issues in sid high

There are 7 open security issues in sid.

7 important issues:

CVE-2024-0102: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm, where an attacker can cause an out-of-bounds read issue by deceiving a user into reading a malformed ELF file. A successful exploit of this vulnerability might lead to denial of service.
CVE-2024-0109: NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause a crash by passing in a malformed ELF file. A successful exploit of this vulnerability may cause an out of bounds read in the unprivileged process memory which could lead to a limited denial of service.
CVE-2024-0110: NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause an out-of-bound write by passing in a malformed ELF file. A successful exploit of this vulnerability may lead to code execution or denial of service.
CVE-2024-0111: NVIDIA CUDA Toolkit contains a vulnerability in command 'cuobjdump' where a user may cause a crash or produce incorrect output by passing a malformed ELF file. A successful exploit of this vulnerability may lead to a limited denial of service or data tampering.
CVE-2024-0123: NVIDIA CUDA toolkit for Windows and Linux contains a vulnerability in the nvdisasm command line tool where an attacker may cause an improper validation in input issue by tricking the user into running nvdisasm on a malicious ELF file. A successful exploit of this vulnerability may lead to denial of service.
CVE-2024-0124: NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line tool, where a user can cause nvdisasm to read freed memory by running it on a malformed ELF file. A successful exploit of this vulnerability might lead to a limited denial of service.
CVE-2025-23247: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a failure to check the length of a buffer could allow a user to cause the tool to crash or execute arbitrary code by passing in a malformed ELF file. A successful exploit of this vulnerability might lead to arbitrary code execution.

Created: 2024-04-06 Last update: 2025-07-25 18:00

11 security issues in bullseye high

There are 11 open security issues in bullseye.

3 important issues:

CVE-2024-0123: NVIDIA CUDA toolkit for Windows and Linux contains a vulnerability in the nvdisasm command line tool where an attacker may cause an improper validation in input issue by tricking the user into running nvdisasm on a malicious ELF file. A successful exploit of this vulnerability may lead to denial of service.
CVE-2024-0124: NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line tool, where a user can cause nvdisasm to read freed memory by running it on a malformed ELF file. A successful exploit of this vulnerability might lead to a limited denial of service.
CVE-2025-23247: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a failure to check the length of a buffer could allow a user to cause the tool to crash or execute arbitrary code by passing in a malformed ELF file. A successful exploit of this vulnerability might lead to arbitrary code execution.

5 issues postponed or untriaged:

CVE-2024-0072: (needs triaging) NVIDIA CUDA toolkit for all platforms contains a vulnerability in cuobjdump and nvdisasm where an attacker may cause a crash by tricking a user into reading a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of service.
CVE-2024-0076: (needs triaging) NVIDIA CUDA toolkit for all platforms contains a vulnerability in cuobjdump and nvdisasm where an attacker may cause a crash by tricking a user into reading a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of service.
CVE-2024-0102: (needs triaging) NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm, where an attacker can cause an out-of-bounds read issue by deceiving a user into reading a malformed ELF file. A successful exploit of this vulnerability might lead to denial of service.
CVE-2022-21821: (needs triaging) NVIDIA CUDA Toolkit SDK contains an integer overflow vulnerability in cuobjdump.To exploit this vulnerability, a remote attacker would require a local user to download a specially crafted, corrupted file and locally execute cuobjdump against the file. Such an attack may lead to remote code execution that causes complete denial of service and an impact on data confidentiality and integrity.
CVE-2022-34667: (needs triaging) NVIDIA CUDA Toolkit SDK contains a stack-based buffer overflow vulnerability in cuobjdump, where an unprivileged remote attacker could exploit this buffer overflow condition by persuading a local user to download a specially crafted corrupted file and execute cuobjdump against it locally, which may lead to a limited denial of service and some loss of data integrity for the local user.

3 ignored issues:

CVE-2024-0109: NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause a crash by passing in a malformed ELF file. A successful exploit of this vulnerability may cause an out of bounds read in the unprivileged process memory which could lead to a limited denial of service.
CVE-2024-0110: NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause an out-of-bound write by passing in a malformed ELF file. A successful exploit of this vulnerability may lead to code execution or denial of service.
CVE-2024-0111: NVIDIA CUDA Toolkit contains a vulnerability in command 'cuobjdump' where a user may cause a crash or produce incorrect output by passing a malformed ELF file. A successful exploit of this vulnerability may lead to a limited denial of service or data tampering.

Created: 2024-10-03 Last update: 2025-07-25 18:00

5 security issues in buster high

There are 5 open security issues in buster.

2 important issues:

CVE-2024-0072: NVIDIA CUDA toolkit for all platforms contains a vulnerability in cuobjdump and nvdisasm where an attacker may cause a crash by tricking a user into reading a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of service.
CVE-2024-0076: NVIDIA CUDA toolkit for all platforms contains a vulnerability in cuobjdump and nvdisasm where an attacker may cause a crash by tricking a user into reading a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of service.

2 issues postponed or untriaged:

CVE-2022-21821: (needs triaging) NVIDIA CUDA Toolkit SDK contains an integer overflow vulnerability in cuobjdump.To exploit this vulnerability, a remote attacker would require a local user to download a specially crafted, corrupted file and locally execute cuobjdump against the file. Such an attack may lead to remote code execution that causes complete denial of service and an impact on data confidentiality and integrity.
CVE-2022-34667: (needs triaging) NVIDIA CUDA Toolkit SDK contains a stack-based buffer overflow vulnerability in cuobjdump, where an unprivileged remote attacker could exploit this buffer overflow condition by persuading a local user to download a specially crafted corrupted file and execute cuobjdump against it locally, which may lead to a limited denial of service and some loss of data integrity for the local user.

1 ignored issue:

CVE-2020-5991: NVIDIA CUDA Toolkit, all versions prior to 11.1.1, contains a vulnerability in the NVJPEG library in which an out-of-bounds read or write operation may lead to code execution, denial of service, or information disclosure.

Created: 2024-04-06 Last update: 2024-05-18 04:38

lintian reports 5 warnings normal

Lintian reports 5 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2025-07-22 Last update: 2025-07-22 02:33

9 low-priority security issues in bookworm low

There are 9 open security issues in bookworm.

9 issues left for the package maintainer to handle:

CVE-2024-0072: (needs triaging) NVIDIA CUDA toolkit for all platforms contains a vulnerability in cuobjdump and nvdisasm where an attacker may cause a crash by tricking a user into reading a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of service.
CVE-2024-0076: (needs triaging) NVIDIA CUDA toolkit for all platforms contains a vulnerability in cuobjdump and nvdisasm where an attacker may cause a crash by tricking a user into reading a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of service.
CVE-2024-0102: (needs triaging) NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm, where an attacker can cause an out-of-bounds read issue by deceiving a user into reading a malformed ELF file. A successful exploit of this vulnerability might lead to denial of service.
CVE-2024-0109: (needs triaging) NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause a crash by passing in a malformed ELF file. A successful exploit of this vulnerability may cause an out of bounds read in the unprivileged process memory which could lead to a limited denial of service.
CVE-2024-0110: (needs triaging) NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause an out-of-bound write by passing in a malformed ELF file. A successful exploit of this vulnerability may lead to code execution or denial of service.
CVE-2024-0111: (needs triaging) NVIDIA CUDA Toolkit contains a vulnerability in command 'cuobjdump' where a user may cause a crash or produce incorrect output by passing a malformed ELF file. A successful exploit of this vulnerability may lead to a limited denial of service or data tampering.
CVE-2024-0123: (needs triaging) NVIDIA CUDA toolkit for Windows and Linux contains a vulnerability in the nvdisasm command line tool where an attacker may cause an improper validation in input issue by tricking the user into running nvdisasm on a malicious ELF file. A successful exploit of this vulnerability may lead to denial of service.
CVE-2024-0124: (needs triaging) NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line tool, where a user can cause nvdisasm to read freed memory by running it on a malformed ELF file. A successful exploit of this vulnerability might lead to a limited denial of service.
CVE-2025-23247: (needs triaging) NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a failure to check the length of a buffer could allow a user to cause the tool to crash or execute arbitrary code by passing in a malformed ELF file. A successful exploit of this vulnerability might lead to arbitrary code execution.

You can find information about how to handle these issues in the security team's documentation.

Created: 2024-04-06 Last update: 2025-07-25 18:00

Build log checks report 1 warning low

Build log checks report 1 warning

Created: 2025-01-10 Last update: 2025-01-10 00:32

news

[2025-07-26] nvidia-cuda-toolkit 12.4.1-2 MIGRATED to testing (Debian testing watch)
[2025-07-21] Accepted nvidia-cuda-toolkit 12.4.1-2 (source) into unstable (Andreas Beckmann)
[2025-06-15] nvidia-cuda-toolkit 12.4.1-1 MIGRATED to testing (Debian testing watch)
[2025-06-12] Accepted nvidia-cuda-toolkit 12.4.1-1 (source) into unstable (Andreas Beckmann)
[2025-06-11] nvidia-cuda-toolkit 12.3.2-1 MIGRATED to testing (Debian testing watch)
[2025-05-22] Accepted nvidia-cuda-toolkit 12.4.0-2 (source) into experimental (Andreas Beckmann)
[2025-05-18] Accepted nvidia-cuda-toolkit 12.4.0-1 (source amd64 all) into experimental (Debian FTP Masters) (signed by: Andreas Beckmann)
[2025-05-07] Accepted nvidia-cuda-toolkit 12.3.2-1 (source) into unstable (Andreas Beckmann)
[2025-05-03] Accepted nvidia-cuda-toolkit 12.3.1-1 (source) into experimental (Andreas Beckmann)
[2025-04-29] Accepted nvidia-cuda-toolkit 12.3.0-1 (source amd64 all) into experimental (Debian FTP Masters) (signed by: Andreas Beckmann)
[2025-03-18] nvidia-cuda-toolkit 12.2.2-2 MIGRATED to testing (Debian testing watch)
[2025-03-13] Accepted nvidia-cuda-toolkit 12.2.2-2 (source) into unstable (Andreas Beckmann)
[2025-02-19] Accepted nvidia-cuda-toolkit 12.2.2-1 (source) into unstable (Andreas Beckmann)
[2025-01-21] nvidia-cuda-toolkit 12.2.1-3 MIGRATED to testing (Debian testing watch)
[2025-01-15] Accepted nvidia-cuda-toolkit 12.2.1-3 (source) into unstable (Andreas Beckmann)
[2025-01-07] Accepted nvidia-cuda-toolkit 12.2.1-2 (source) into unstable (Andreas Beckmann)
[2025-01-05] Accepted nvidia-cuda-toolkit 12.2.1-1 (source) into unstable (Andreas Beckmann)
[2024-10-31] nvidia-cuda-toolkit 12.2.0-3 MIGRATED to testing (Debian testing watch)
[2024-10-25] Accepted nvidia-cuda-toolkit 12.2.0-3 (source) into unstable (Andreas Beckmann)
[2024-10-16] Accepted nvidia-cuda-toolkit 12.2.0-2 (source) into experimental (Andreas Beckmann)
[2024-10-11] nvidia-cuda-toolkit 12.1.1-4 MIGRATED to testing (Debian testing watch)
[2024-10-05] Accepted nvidia-cuda-toolkit 12.1.1-4 (source) into unstable (Andreas Beckmann)
[2024-10-05] nvidia-cuda-toolkit 12.1.1-3 MIGRATED to testing (Debian testing watch)
[2024-09-30] Accepted nvidia-cuda-toolkit 12.1.1-3 (source) into unstable (Andreas Beckmann)
[2024-07-23] nvidia-cuda-toolkit 12.1.1-2 MIGRATED to testing (Debian testing watch)
[2024-07-17] Accepted nvidia-cuda-toolkit 12.1.1-2 (source) into unstable (Graham Inggs)
[2024-06-21] Accepted nvidia-cuda-toolkit 12.2.0-1 (source amd64 all) into experimental (Debian FTP Masters) (signed by: Andreas Beckmann)
[2024-05-18] nvidia-cuda-toolkit 12.1.1-1 MIGRATED to testing (Debian testing watch)
[2024-05-12] Accepted nvidia-cuda-toolkit 12.1.1-1 (source) into unstable (Andreas Beckmann)
[2024-05-11] nvidia-cuda-toolkit 12.1.0-2 MIGRATED to testing (Debian testing watch)

1
2

bugs [bug history graph]

all: 13
RC: 1
I&N: 9
M&W: 3
F&P: 0
patch: 0

links

homepage
lintian (0, 5)
buildd: logs, checks, cross
popcon
browse source code
edit tags
other distros
security tracker
screenshots
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 12.4.1-2
9 bugs

Debian Package Tracker — Copyright 2013-2025 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing