ALAS2023NVIDIA-2026-278

Amazon Linux 2023 Security Advisory: ALAS2023NVIDIA-2026-278
Advisory Released Date: 2026-05-15
Advisory Updated Date: 2026-05-25

Severity: Medium

References: CVE-2024-0110
FAQs regarding Amazon Linux ALAS/CVE Severity

Issue Overview:

NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause an out-of-bound write by passing in a malformed ELF file. A successful exploit of this vulnerability may lead to code execution or denial of service. (CVE-2024-0110)

Affected Packages:

cuda-toolkit-12

Issue Correction:
Run dnf update cuda-toolkit-12 --releasever latest or dnf update --advisory ALAS2023NVIDIA-2026-278 --releasever latest to update your system.
More information on how to update your system can be found on this page: Amazon Linux 2023 documentation

New Packages:

x86_64:
    cuda-toolkit-12-12.6.1-1.x86_64

Additional References

Release Notes: Amazon Linux 2023 Release Notes

Red Hat: CVE-2024-0110

Mitre: CVE-2024-0110