CVE-2025-23332 — NULL Pointer Dereference in Nvidia Geforce
Severity
5.0MEDIUMNVD
EPSS
0.0%
top 92.47%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedOct 23
Description
NVIDIA Display Driver for Linux contains a vulnerability in a kernel module, where an attacker might be able to trigger a null pointer deference. A successful exploit of this vulnerability might lead to denial of service.
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:HExploitability: 1.3 | Impact: 3.6
Affected Packages4 packages
▶CVEListV5nvidia/teslaAll driver versions prior to 535.274.02, All driver versions prior to 570.195.03, All driver versions prior to 580.95.05+2
▶CVEListV5nvidia/geforceAll driver versions prior to 535.274.02, All driver versions prior to 570.195.03, All driver versions prior to 580.95.05+2
▶CVEListV5nvidia/virtual_gpu_manager535.261.04(All versions prior to and including vGPU 16.11), 570.172.07(All versions prior to and including vGPU 18.4), 580.82.02(All versions prior to and including vGPU 19.1)+2
🔴Vulnerability Details
3CVEList▶
CVE-2025-23332: NVIDIA Display Driver for Linux contains a vulnerability in a kernel module, where an attacker might be able to trigger a null pointer deference↗2025-10-23
GHSA▶
GHSA-3cg3-jw2v-vmvx: NVIDIA Display Driver for Linux contains a vulnerability in a kernel module, where an attacker might be able to trigger a null pointer deference↗2025-10-23
OSV▶
CVE-2025-23332: NVIDIA Display Driver for Linux contains a vulnerability in a kernel module, where an attacker might be able to trigger a null pointer deference↗2025-10-23