CVE-2025-23338

CWE-129Improper Array Index Validation5 documents5 sources
Severity
5.5MEDIUM
EPSS
0.0%
top 92.48%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Nvidia Cuda ToolkitNvidia Nvidia Cuda Toolkit
Timeline
PublishedSep 24

Description

NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm where a user may cause an out-of-bounds write by running nvdisasm on a malicious ELF file. A successful exploit of this vulnerability may lead to denial of service.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:LExploitability: 1.8 | Impact: 1.4

Affected Packages2 packages

NVDnvidia/cuda_toolkit< 13.0.0
CVEListV5nvidia/nvidia_cuda_toolkitAll versions prior to CUDA Toolkit 13.0

🔴Vulnerability Details

3
OSV
CVE-2025-23338: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm where a user may cause an out-of-bounds write by running nvdisasm on a mali2025-09-24
GHSA
GHSA-7cwj-xv9g-xcqr: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm where a user may cause an out-of-bounds write by running nvdisasm on a mali2025-09-24
CVEList
CVE-2025-23338: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm where a user may cause an out-of-bounds write by running nvdisasm on a mali2025-09-24

📋Vendor Advisories

1
Debian
CVE-2025-23338: nvidia-cuda-toolkit - NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm where...2025
CVE-2025-23338 (MEDIUM CVSS 5.5) | NVIDIA CUDA Toolkit for all platfor | cvebase.io