CVE-2025-23280 — Use After Free in Nvidia Geforce
Severity
7.0HIGHNVD
EPSS
0.0%
top 95.30%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedOct 10
Description
NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use-after-free. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, and information disclosure.
CVSS vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.0 | Impact: 5.9
Affected Packages3 packages
▶CVEListV5nvidia/teslaAll driver versions prior to 535.274.02, All driver versions prior to 570.195.03, All driver versions prior to 580.95.05+2
▶CVEListV5nvidia/geforceAll driver versions prior to 535.274.02, All driver versions prior to 570.195.03, All driver versions prior to 580.95.05+2
🔴Vulnerability Details
3CVEList▶
CVE-2025-23280: NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use-after-free↗2025-10-10
OSV▶
CVE-2025-23280: NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use-after-free↗2025-10-10
GHSA▶
GHSA-mhh7-9rp6-6f9f: NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use-after-free↗2025-10-10
📋Vendor Advisories
1Debian▶
CVE-2025-23280: nvidia-graphics-drivers - NVIDIA Display Driver for Linux contains a vulnerability where an attacker could...↗2025