FKIE_CVE-2025-23275

Vulnerability from fkie_nvd - Published: 2025-09-24 14:15 - Updated: 2025-10-06 14:51
Severity ?
4.2 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Summary
NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvJPEG where a local authenticated user may cause a GPU out-of-bounds write by providing certain image dimensions. A successful exploit of this vulnerability may lead to denial of service and information disclosure.
References
psirt@nvidia.comhttps://nvd.nist.gov/vuln/detail/CVE-2025-23275Third Party Advisory
psirt@nvidia.comhttps://nvidia.custhelp.com/app/answers/detail/a_id/5661Vendor Advisory
psirt@nvidia.comhttps://www.cve.org/CVERecord?id=CVE-2025-23275Third Party Advisory
Impacted products
Vendor Product Version
nvidia cuda_toolkit *
linux linux_kernel -
microsoft windows -
nvidia nvjpeg -
linux linux_kernel -
microsoft windows -
nvidia driveos -
nvidia linux_for_tegra -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:nvidia:cuda_toolkit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "970ED8B6-06F1-46FF-B2A7-F55E719FB1CA",
              "versionEndExcluding": "13.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:nvidia:nvjpeg:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5D06AD3-1AD1-42F4-86FB-AEE6FCCEB90F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:nvidia:driveos:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BE9DB43-7814-4F31-A662-2E668BD74FC9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:nvidia:linux_for_tegra:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE63BA35-E2A7-4641-845D-FC84B3BA3AE4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvJPEG where a local authenticated user may cause a GPU out-of-bounds write by providing certain image dimensions.  A successful exploit of this vulnerability may lead to denial of service and information disclosure."
    },
    {
      "lang": "es",
      "value": "NVIDIA CUDA Toolkit para todas las plataformas contiene una vulnerabilidad en nvJPEG donde un usuario local autenticado puede causar una escritura fuera de l\u00edmites de la GPU al proporcionar ciertas dimensiones de imagen. Un exploit exitoso de esta vulnerabilidad puede conducir a denegaci\u00f3n de servicio y revelaci\u00f3n de informaci\u00f3n."
    }
  ],
  "id": "CVE-2025-23275",
  "lastModified": "2025-10-06T14:51:06.530",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "LOCAL",
          "availabilityImpact": "LOW",
          "baseScore": 4.2,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 3.4,
        "source": "psirt@nvidia.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2025-09-24T14:15:47.660",
  "references": [
    {
      "source": "psirt@nvidia.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-23275"
    },
    {
      "source": "psirt@nvidia.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5661"
    },
    {
      "source": "psirt@nvidia.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23275"
    }
  ],
  "sourceIdentifier": "psirt@nvidia.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "psirt@nvidia.com",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.