CVE-2024-53878 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	2.8 LOW	LOCAL	LOW	LOW	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
nvidia	CNA	2.8 LOW	LOCAL	LOW	LOW	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
CISA-ADP	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 16%

Vendor	Product	Version
nvidia	cuda_toolkit	𝑥 < 12.8.0

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

nvidia-cuda-toolkit

bullseye/non-free	unimportant
bookworm/non-free	unimportant
trixie/non-free	unimportant
forky/non-free	unimportant
sid/non-free	unimportant

Ubuntu Releases

Ubuntu Product

Codename

nvidia-cuda-toolkit

plucky	needs-triage
oracular	ignored
noble	needs-triage
jammy	needs-triage
focal	needs-triage
bionic	needs-triage
xenial	needs-triage

Common Weakness Enumeration

CWE-1284 - Improper Validation of Specified Quantity in Input
The product receives input that is expected to specify a quantity (such as size or length), but it does not validate or incorrectly validates that the quantity has the required properties.

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5594