CVE-2025-23275

HIGH7.1EPSS 0.02%

發布日:2025/9/24修改日:2026/5/30

描述

NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvJPEG where a local authenticated user may cause a GPU out-of-bounds write by providing certain image dimensions. A successful exploit of this vulnerability may lead to denial of service and information disclosure.

受影響套件(1)

Debian/nvidia-cuda-toolkitfrom 0

CVSS 分數

來源	版本	嚴重程度	向量
osv	CVSS 3.1	HIGH7.1	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2025-23275