CVE-2025-23300

CWE-476 — NULL Pointer Dereference6 documents6 sources

Severity

5.5MEDIUM

EPSS

0.0%

top 86.93%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Nvidia Geforce Nvidia Guest Driver Nvidia Tesla +1 more

Timeline

PublishedOct 23

Description

NVIDIA Display Driver for Linux contains a vulnerability in the kernel driver, where a user could cause a null pointer dereference by allocating a specific memory resource. A successful exploit of this vulnerability might lead to denial of service.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages8 packages

▶Debiannvidia-graphics-drivers-tesla< 525.147.05-6

▶Debiannvidia-graphics-drivers-tesla-450< 450.248.02-4

▶Debiannvidia-graphics-drivers-tesla-460< 460.106.00-3

▶Debiannvidia-graphics-drivers-tesla-535< 535.274.02-1~deb13u1+1

▶CVEListV5nvidia/guest_driver4 versions+3

🔴Vulnerability Details

CVEList

CVE-2025-23300: NVIDIA Display Driver for Linux contains a vulnerability in the kernel driver, where a user could cause a null pointer dereference by allocating a spe↗2025-10-23

▶

GHSA

GHSA-3vrr-h3vm-h333: NVIDIA Display Driver for Linux contains a vulnerability in the kernel driver, where a user could cause a null pointer dereference by allocating a spe↗2025-10-23

▶

OSV

CVE-2025-23300: NVIDIA Display Driver for Linux contains a vulnerability in the kernel driver, where a user could cause a null pointer dereference by allocating a spe↗2025-10-23

▶

📋Vendor Advisories

Red Hat

nvidia-display-driver: NVIDIA Display Driver Null pointer dereference↗2025-10-23

▶

Debian

CVE-2025-23300: nvidia-graphics-drivers - NVIDIA Display Driver for Linux contains a vulnerability in the kernel driver, w...↗2025

▶