CVE-2025-23282_CVE-2025-23282

7 / 10

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Description

NVIDIA Display Driver for Linux contains a vulnerability where an attacker might be able to use a race condition to escalate privileges. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, and information disclosure.

Basic Information

ID CVE-2025-23282

Source nvidia

Published Oct 10, 2025 at 17:41

Modified Oct 10, 2025 at 17:42

Affected Product

Vendor NVIDIA

Product Virtual GPU Manager

Version 580.82.02(All versions up to and including the August 2025 release)

Affected Versions NVIDIA Virtual GPU Manager 580.82.02(All versions up to and including the August 2025 release)
NVIDIA Virtual GPU Manager 580.82.02(All versions prior to and including vGPU 19.1)
NVIDIA Virtual GPU Manager 570.172.07(All versions prior to and including vGPU 18.4)
NVIDIA Virtual GPU Manager 535.261.04(All versions prior to and including vGPU 16.11)
NVIDIA GeForce All driver versions prior to 580.95.05
NVIDIA GeForce All driver versions prior to 570.195.03
NVIDIA GeForce All driver versions prior to 535.274.02
NVIDIA NVIDIA RTX, Quadro, NVS All driver versions prior to 580.95.05
NVIDIA NVIDIA RTX, Quadro, NVS All driver versions prior to 570.195.03
NVIDIA NVIDIA RTX, Quadro, NVS All driver versions prior to 535.274.02
NVIDIA Tesla All driver versions prior to 580.95.05
NVIDIA Tesla All driver versions prior to 570.195.03
NVIDIA Tesla All driver versions prior to 535.274.02
NVIDIA Guest driver 580.82.07(All versions prior to and including vGPU 19.1)
NVIDIA Guest driver 580.82.07(All versions up to and including the August 2025 release)
NVIDIA Guest driver 570.172.08(All versions prior to and including vGPU 18.4)
NVIDIA Guest driver 535.261.03(All versions prior to and including vGPU 16.11)

CWE Classification

CWE-415

References

{
    "lastseen": "",
    "description": "NVIDIA Display Driver for Linux contains a vulnerability where an attacker might be able to use a race condition to escalate privileges. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, and information disclosure.",
    "published": "2025-10-10T17:41:55.131Z",
    "modified": "2025-10-10T17:42:48.106Z",
    "type": "cve",
    "title": "CVE-2025-23282",
    "source": "nvidia",
    "references": "https://nvd.nist.gov/vuln/detail/CVE-2025-23282\nhttps://www.cve.org/CVERecord?id=CVE-2025-23282\nhttps://nvidia.custhelp.com/app/answers/detail/a_id/5703",
    "id": "CVE-2025-23282",
    "bulletinFamily": "",
    "cwe": [
        "CWE-415"
    ],
    "cvelist": null,
    "sourceData": "NVIDIA Virtual GPU Manager 580.82.02(All versions up to and including the August 2025 release)\nNVIDIA Virtual GPU Manager 580.82.02(All versions prior to and including vGPU 19.1)\nNVIDIA Virtual GPU Manager 570.172.07(All versions prior to and including vGPU 18.4)\nNVIDIA Virtual GPU Manager 535.261.04(All versions prior to and including vGPU 16.11)\nNVIDIA GeForce All driver versions prior to 580.95.05\nNVIDIA GeForce All driver versions prior to 570.195.03\nNVIDIA GeForce All driver versions prior to 535.274.02\nNVIDIA NVIDIA RTX, Quadro, NVS All driver versions prior to 580.95.05\nNVIDIA NVIDIA RTX, Quadro, NVS All driver versions prior to 570.195.03\nNVIDIA NVIDIA RTX, Quadro, NVS All driver versions prior to 535.274.02\nNVIDIA Tesla All driver versions prior to 580.95.05\nNVIDIA Tesla All driver versions prior to 570.195.03\nNVIDIA Tesla All driver versions prior to 535.274.02\nNVIDIA Guest driver 580.82.07(All versions prior to and including vGPU 19.1)\nNVIDIA Guest driver 580.82.07(All versions up to and including the August 2025 release)\nNVIDIA Guest driver 570.172.08(All versions prior to and including vGPU 18.4)\nNVIDIA Guest driver 535.261.03(All versions prior to and including vGPU 16.11)",
    "sourceHref": "",
    "cvss": {
        "score": 7,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Virtual GPU Manager",
    "version": "580.82.02(All versions up to and including the August 2025 release)",
    "vendor": "NVIDIA",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}