CVE-2025-23345

CWE-125Out-of-bounds Read6 documents6 sources
Severity
4.4MEDIUM
EPSS
0.0%
top 89.11%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Nvidia GeforceNvidia Guest DriverNvidia Tesla
Timeline
PublishedOct 23

Description

NVIDIA Display Driver for Windows and Linux contains a vulnerability in a video decoder, where an attacker might cause an out-of-bounds read. A successful exploit of this vulnerability might lead to information disclosure or denial of service.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:LExploitability: 1.8 | Impact: 2.5

Affected Packages7 packages

Debiannvidia-graphics-drivers-tesla< 525.147.05-6
Debiannvidia-graphics-drivers-tesla-450< 450.248.02-4
Debiannvidia-graphics-drivers-tesla-460< 460.106.00-3
Debiannvidia-graphics-drivers-tesla-535< 535.274.02-1~deb13u1+1
CVEListV5nvidia/guest_driver7 versions+6

🔴Vulnerability Details

3
CVEList
CVE-2025-23345: NVIDIA Display Driver for Windows and Linux contains a vulnerability in a video decoder, where an attacker might cause an out-of-bounds read2025-10-23
GHSA
GHSA-jwrp-8wgv-pm74: NVIDIA Display Driver for Windows and Linux contains a vulnerability in a video decoder, where an attacker might cause an out-of-bounds read2025-10-23
OSV
CVE-2025-23345: NVIDIA Display Driver for Windows and Linux contains a vulnerability in a video decoder, where an attacker might cause an out-of-bounds read2025-10-23

📋Vendor Advisories

2
Red Hat
nvidia-display-driver: NVIDIA Display Driver out of bound read2025-10-23
Debian
CVE-2025-23345: nvidia-graphics-drivers - NVIDIA Display Driver for Windows and Linux contains a vulnerability in a video ...2025
CVE-2025-23345 (MEDIUM CVSS 4.4) | NVIDIA Display Driver for Windows a | cvebase.io