Vulnerability Details CVE-2011-0636
The (1) cudaHostAlloc and (2) cuMemHostAlloc functions in the NVIDIA CUDA Toolkit 3.2 developer drivers for Linux 260.19.26, and possibly other versions, do not initialize pinned memory, which allows local users to read potentially sensitive memory, such as file fragments during read or write operations.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 18.5%
CVSS Severity
CVSS v2 Score 2.1
References
- http://classic.chem.msu.su/cgi-bin/ceilidh.exe/gran/gamess/forum/?C35e9ea936bHW-7675-1380-00.htm
- http://classic.chem.msu.su/cgi-bin/ceilidh.exe/gran/gamess/forum/?C35e9ea936bHW-7676-1022+00.htm
- http://classic.chem.msu.su/cgi-bin/ceilidh.exe/gran/gamess/forum/?C35e9ea936bHW-7677-1391+00.htm
- http://classic.chem.msu.su/cgi-bin/ceilidh.exe/gran/gamess/forum/?C35e9ea936bHW-7681-487+00.htm
- http://forums.nvidia.com/index.php?showtopic=190303
- http://osvdb.org/70420
- http://secunia.com/advisories/42859
- http://www.securityfocus.com/archive/1/515591/100/0/threaded
- http://www.securityfocus.com/archive/1/516121/100/0/threaded
- http://www.securityfocus.com/bid/45717
- http://www.securitytracker.com/id?1024962
- https://exchange.xforce.ibmcloud.com/vulnerabilities/64710
- http://classic.chem.msu.su/cgi-bin/ceilidh.exe/gran/gamess/forum/?C35e9ea936bHW-7675-1380-00.htm
- http://classic.chem.msu.su/cgi-bin/ceilidh.exe/gran/gamess/forum/?C35e9ea936bHW-7676-1022+00.htm
- http://classic.chem.msu.su/cgi-bin/ceilidh.exe/gran/gamess/forum/?C35e9ea936bHW-7677-1391+00.htm
- http://classic.chem.msu.su/cgi-bin/ceilidh.exe/gran/gamess/forum/?C35e9ea936bHW-7681-487+00.htm
- http://forums.nvidia.com/index.php?showtopic=190303
- http://osvdb.org/70420
- http://secunia.com/advisories/42859
- http://www.securityfocus.com/archive/1/515591/100/0/threaded
- http://www.securityfocus.com/archive/1/516121/100/0/threaded
- http://www.securityfocus.com/bid/45717
- http://www.securitytracker.com/id?1024962
- https://exchange.xforce.ibmcloud.com/vulnerabilities/64710
Products affected by CVE-2011-0636
-
cpe:2.3:a:nvidia:cuda_toolkit:3.2