ALAS2023NVIDIA-2026-279

Amazon Linux 2023 Security Advisory: ALAS2023NVIDIA-2026-279
Advisory Released Date: 2026-05-15
Advisory Updated Date: 2026-05-25

Severity: Medium

References: CVE-2024-0110
FAQs regarding Amazon Linux ALAS/CVE Severity

Issue Overview:

NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause an out-of-bound write by passing in a malformed ELF file. A successful exploit of this vulnerability may lead to code execution or denial of service. (CVE-2024-0110)

Affected Packages:

cuda-toolkit

Issue Correction:
Run dnf update cuda-toolkit --releasever latest or dnf update --advisory ALAS2023NVIDIA-2026-279 --releasever latest to update your system.
More information on how to update your system can be found on this page: Amazon Linux 2023 documentation

New Packages:

x86_64:
    cuda-toolkit-12.6.1-1.x86_64

Additional References

Release Notes: Amazon Linux 2023 Release Notes

Red Hat: CVE-2024-0110

Mitre: CVE-2024-0110