CVE-2025-23273

CWE-3695 documents5 sources
Severity
4.7MEDIUM
EPSS
0.0%
top 97.28%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Nvidia Cuda ToolkitNvidia Nvidia Cuda ToolkitNvidia Nvjpeg
Timeline
PublishedSep 24

Description

NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvJPEG where a local authenticated user may cause a divide by zero error by submitting a specially crafted JPEG file. A successful exploit of this vulnerability may lead to denial of service.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:LExploitability: 1.0 | Impact: 1.4

Affected Packages3 packages

NVDnvidia/cuda_toolkit< 13.0.0
CVEListV5nvidia/nvjpegAll versions prior to nvJPEG 13.0.0
CVEListV5nvidia/nvidia_cuda_toolkitAll versions prior to CUDA Toolkit 13.0

🔴Vulnerability Details

3
OSV
CVE-2025-23273: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvJPEG where a local authenticated user may cause a divide by zero error by submitti2025-09-24
CVEList
CVE-2025-23273: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvJPEG where a local authenticated user may cause a divide by zero error by submitti2025-09-24
GHSA
GHSA-747g-7pf6-5q6p: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvJPEG where a local authenticated user may cause a divide by zero error by submitti2025-09-24

📋Vendor Advisories

1
Debian
CVE-2025-23273: nvidia-cuda-toolkit - NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvJPEG where a...2025
CVE-2025-23273 (MEDIUM CVSS 4.7) | NVIDIA CUDA Toolkit for all platfor | cvebase.io