fkie_nvd - fkie_cve-2011-0636

fkie_cve-2011-0636

Vulnerability from fkie_nvd

Published

2011-01-22 22:00

Modified

2025-04-11 00:51

Severity ?

Summary

The (1) cudaHostAlloc and (2) cuMemHostAlloc functions in the NVIDIA CUDA Toolkit 3.2 developer drivers for Linux 260.19.26, and possibly other versions, do not initialize pinned memory, which allows local users to read potentially sensitive memory, such as file fragments during read or write operations.

References

URL	Tags
cve@mitre.org	http://classic.chem.msu.su/cgi-bin/ceilidh.exe/gran/gamess/forum/?C35e9ea936bHW-7675-1380-00.htm
cve@mitre.org	http://classic.chem.msu.su/cgi-bin/ceilidh.exe/gran/gamess/forum/?C35e9ea936bHW-7676-1022+00.htm
cve@mitre.org	http://classic.chem.msu.su/cgi-bin/ceilidh.exe/gran/gamess/forum/?C35e9ea936bHW-7677-1391+00.htm
cve@mitre.org	http://classic.chem.msu.su/cgi-bin/ceilidh.exe/gran/gamess/forum/?C35e9ea936bHW-7681-487+00.htm
cve@mitre.org	http://forums.nvidia.com/index.php?showtopic=190303
cve@mitre.org	http://osvdb.org/70420
cve@mitre.org	http://secunia.com/advisories/42859	Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/archive/1/515591/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/archive/1/516121/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/45717
cve@mitre.org	http://www.securitytracker.com/id?1024962
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/64710
af854a3a-2127-422b-91ae-364da2661108	http://classic.chem.msu.su/cgi-bin/ceilidh.exe/gran/gamess/forum/?C35e9ea936bHW-7675-1380-00.htm
af854a3a-2127-422b-91ae-364da2661108	http://classic.chem.msu.su/cgi-bin/ceilidh.exe/gran/gamess/forum/?C35e9ea936bHW-7676-1022+00.htm
af854a3a-2127-422b-91ae-364da2661108	http://classic.chem.msu.su/cgi-bin/ceilidh.exe/gran/gamess/forum/?C35e9ea936bHW-7677-1391+00.htm
af854a3a-2127-422b-91ae-364da2661108	http://classic.chem.msu.su/cgi-bin/ceilidh.exe/gran/gamess/forum/?C35e9ea936bHW-7681-487+00.htm
af854a3a-2127-422b-91ae-364da2661108	http://forums.nvidia.com/index.php?showtopic=190303
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/70420
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/42859	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/515591/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/516121/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/45717
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1024962
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/64710

Impacted products

	Vendor	Product	Version
	nvidia	cuda_toolkit	3.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:nvidia:cuda_toolkit:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D847561A-6054-405E-8AF8-4C10C2B62F65",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The (1) cudaHostAlloc and (2) cuMemHostAlloc functions in the NVIDIA CUDA Toolkit 3.2 developer drivers for Linux 260.19.26, and possibly other versions, do not initialize pinned memory, which allows local users to read potentially sensitive memory, such as file fragments during read or write operations."
    },
    {
      "lang": "es",
      "value": "Las funciones (1) cudaHostAlloc y (2) cuMemHostAlloc de los controladores de desarrollador NVIDIA CUDA Toolkit 3.2 para Linux 260.19.26, y posiblemente otras versiones, no inicializan la memoria de tipo \"pinned\" (que nunca se mueve a almacenamiento secundario), lo que permite a usuarios locales leer datos de memoria como fragmentos de archivos durante las operaciones de lectura o escritura."
    }
  ],
  "id": "CVE-2011-0636",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.1,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2011-01-22T22:00:07.053",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://classic.chem.msu.su/cgi-bin/ceilidh.exe/gran/gamess/forum/?C35e9ea936bHW-7675-1380-00.htm"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://classic.chem.msu.su/cgi-bin/ceilidh.exe/gran/gamess/forum/?C35e9ea936bHW-7676-1022+00.htm"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://classic.chem.msu.su/cgi-bin/ceilidh.exe/gran/gamess/forum/?C35e9ea936bHW-7677-1391+00.htm"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://classic.chem.msu.su/cgi-bin/ceilidh.exe/gran/gamess/forum/?C35e9ea936bHW-7681-487+00.htm"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://forums.nvidia.com/index.php?showtopic=190303"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/70420"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/42859"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/515591/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/516121/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/45717"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1024962"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64710"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://classic.chem.msu.su/cgi-bin/ceilidh.exe/gran/gamess/forum/?C35e9ea936bHW-7675-1380-00.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://classic.chem.msu.su/cgi-bin/ceilidh.exe/gran/gamess/forum/?C35e9ea936bHW-7676-1022+00.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://classic.chem.msu.su/cgi-bin/ceilidh.exe/gran/gamess/forum/?C35e9ea936bHW-7677-1391+00.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://classic.chem.msu.su/cgi-bin/ceilidh.exe/gran/gamess/forum/?C35e9ea936bHW-7681-487+00.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://forums.nvidia.com/index.php?showtopic=190303"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/70420"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/42859"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/515591/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/516121/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/45717"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1024962"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64710"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2011-0636 (GCVE-0-2011-0636)

Vulnerability from cvelistv5

Published

2011-01-22 21:00