CVE-2025-23274_CVE-2025-23274

4.5 / 10

MEDIUM

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

Description

NVIDIA nvJPEG contains a vulnerability in jpeg encoding where a user may cause an out-of-bounds read by providing a maliciously crafted input image with dimensions that cause integer overflows in array index calculations. A successful exploit of this vulnerability may lead to denial of service.

Basic Information

ID CVE-2025-23274

Source nvidia

Published Sep 24, 2025 at 13:12

Affected Product

Vendor NVIDIA

Product NVIDIA CUDA Toolkit

Version All versions prior to CUDA Toolkit 13.0

Affected Versions NVIDIA NVIDIA CUDA Toolkit All versions prior to CUDA Toolkit 13.0
NVIDIA nvJPEG All versions prior to nvJPEG 13.0.0

CWE Classification

CWE-125

References

{
    "lastseen": "",
    "description": "NVIDIA nvJPEG contains a vulnerability in jpeg encoding where a user may cause an out-of-bounds read by providing a maliciously crafted input image with dimensions that cause integer overflows in array index calculations. A successful exploit of this vulnerability may lead to denial of service.",
    "published": "2025-09-24T13:12:19.823Z",
    "modified": "2025-09-24T13:12:19.823Z",
    "type": "cve",
    "title": "CVE-2025-23274",
    "source": "nvidia",
    "references": "https://nvd.nist.gov/vuln/detail/CVE-2025-23274\nhttps://www.cve.org/CVERecord?id=CVE-2025-23274\nhttps://nvidia.custhelp.com/app/answers/detail/a_id/5661",
    "id": "CVE-2025-23274",
    "bulletinFamily": "",
    "cwe": [
        "CWE-125"
    ],
    "cvelist": null,
    "sourceData": "NVIDIA NVIDIA CUDA Toolkit All versions prior to CUDA Toolkit 13.0\nNVIDIA nvJPEG All versions prior to nvJPEG 13.0.0",
    "sourceHref": "",
    "cvss": {
        "score": 4.5,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "NVIDIA CUDA Toolkit",
    "version": "All versions prior to CUDA Toolkit 13.0",
    "vendor": "NVIDIA",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}