{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-23345", "assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6", "state": "PUBLISHED", "assignerShortName": "nvidia", "dateReserved": "2025-01-14T01:07:21.737Z", "datePublished": "2025-10-23T18:25:48.962Z", "dateUpdated": "2025-10-23T19:02:50.583Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["Windows(R580)"], "product": "GeForce", "vendor": "NVIDIA", "versions": [{"status": "affected", "version": "All driver versions prior to 581.42"}]}, {"defaultStatus": "unaffected", "platforms": ["Windows(R580)"], "product": "NVIDIA RTX, Quadro, NVS", "vendor": "NVIDIA", "versions": [{"status": "affected", "version": "All driver versions prior to 581.42"}]}, {"defaultStatus": "unaffected", "platforms": ["Windows(R570)"], "product": "NVIDIA RTX, Quadro, NVS", "vendor": "NVIDIA", "versions": [{"status": "affected", "version": "All driver versions prior to 573.76"}]}, {"defaultStatus": "unaffected", "platforms": ["Windows(R535)"], "product": "NVIDIA RTX, Quadro, NVS", "vendor": "NVIDIA", "versions": [{"status": "affected", "version": "All driver versions prior to 539.56"}]}, {"defaultStatus": "unaffected", "platforms": ["Windows(R580)"], "product": "Tesla", "vendor": "NVIDIA", "versions": [{"status": "affected", "version": "All driver versions prior to 581.42"}]}, {"defaultStatus": "unaffected", "platforms": ["Windows(R570)"], "product": "Tesla", "vendor": "NVIDIA", "versions": [{"status": "affected", "version": "All driver versions prior to 573.76"}]}, {"defaultStatus": "unaffected", "platforms": ["Windows(R535)"], "product": "Tesla", "vendor": "NVIDIA", "versions": [{"status": "affected", "version": "All driver versions prior to 539.56"}]}, {"defaultStatus": "unaffected", "platforms": ["Linux(R580)"], "product": "GeForce", "vendor": "NVIDIA", "versions": [{"status": "affected", "version": "All driver versions prior to 580.95.05"}]}, {"defaultStatus": "unaffected", "platforms": ["Linux(R570)"], "product": "GeForce", "vendor": "NVIDIA", "versions": [{"status": "affected", "version": "All driver versions prior to 570.195.03"}]}, {"defaultStatus": "unaffected", "platforms": ["Linux(R535)"], "product": "GeForce", "vendor": "NVIDIA", "versions": [{"status": "affected", "version": "All driver versions prior to 535.274.02"}]}, {"defaultStatus": "unaffected", "platforms": ["Linux(R580)"], "product": "NVIDIA RTX, Quadro, NVS", "vendor": "NVIDIA", "versions": [{"status": "affected", "version": "All driver versions prior to 580.95.05"}]}, {"defaultStatus": "unaffected", "platforms": ["Linux(R570)"], "product": "NVIDIA RTX, Quadro, NVS", "vendor": "NVIDIA", "versions": [{"status": "affected", "version": "All driver versions prior to 570.195.03"}]}, {"defaultStatus": "unaffected", "platforms": ["Linux(R535)"], "product": "NVIDIA RTX, Quadro, NVS", "vendor": "NVIDIA", "versions": [{"status": "affected", "version": "All driver versions prior to 535.274.02"}]}, {"defaultStatus": "unaffected", "platforms": ["Linux(R580)"], "product": "Tesla", "vendor": "NVIDIA", "versions": [{"status": "affected", "version": "All driver versions prior to 580.95.05"}]}, {"defaultStatus": "unaffected", "platforms": ["Linux(R570)"], "product": "Tesla", "vendor": "NVIDIA", "versions": [{"status": "affected", "version": "All driver versions prior to 570.195.03"}]}, {"defaultStatus": "unaffected", "platforms": ["Linux(R535)"], "product": "Tesla", "vendor": "NVIDIA", "versions": [{"status": "affected", "version": "All driver versions prior to 535.274.02"}]}, {"defaultStatus": "unaffected", "platforms": ["Linux(R580 Gaming)"], "product": "Guest driver", "vendor": "NVIDIA", "versions": [{"status": "affected", "version": "580.82.07(All versions up to and including the August 2025 release)"}]}, {"defaultStatus": "unaffected", "platforms": ["Linux(R570 vGPU 18)"], "product": "Guest driver", "vendor": "NVIDIA", "versions": [{"status": "affected", "version": "570.172.08(All versions prior to and including vGPU 18.4)"}]}, {"defaultStatus": "unaffected", "platforms": ["Linux(R535 vGPU 16)"], "product": "Guest driver", "vendor": "NVIDIA", "versions": [{"status": "affected", "version": "535.261.03(All versions prior to and including vGPU 16.11)"}]}, {"defaultStatus": "unaffected", "platforms": ["Windows(R580 vGPU 19)"], "product": "Guest driver", "vendor": "NVIDIA", "versions": [{"status": "affected", "version": "581.15(All versions prior to and including vGPU19.1)"}]}, {"defaultStatus": "unaffected", "platforms": ["Windows(R570 vGPU 18)"], "product": "Guest driver", "vendor": "NVIDIA", "versions": [{"status": "affected", "version": "573.48(All versions prior to and including vGPU 18.4)"}]}, {"defaultStatus": "unaffected", "platforms": ["Windows(R535 vGPU 16)"], "product": "Guest driver", "vendor": "NVIDIA", "versions": [{"status": "affected", "version": "539.41(All versions prior to and including vGPU 16.11)"}]}, {"defaultStatus": "unaffected", "platforms": ["Linux(R580 vGPU)"], "product": "Guest driver", "vendor": "NVIDIA", "versions": [{"status": "affected", "version": "580.82.07(All versions prior to and including vGPU 19.1)"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": true, "type": "text/html", "value": "NVIDIA Display Driver for Windows and Linux contains a vulnerability in a video decoder, where an attacker might cause an out-of-bounds read. A successful exploit of this vulnerability might lead to information disclosure or denial of service."}], "value": "NVIDIA Display Driver for Windows and Linux contains a vulnerability in a video decoder, where an attacker might cause an out-of-bounds read. A successful exploit of this vulnerability might lead to information disclosure or denial of service."}], "impacts": [{"descriptions": [{"lang": "en", "value": "Denial of Service, Information Disclosure"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6", "shortName": "nvidia", "dateUpdated": "2025-10-23T18:25:48.962Z"}, "references": [{"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-23345"}, {"url": "https://www.cve.org/CVERecord?id=CVE-2025-23345"}, {"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5703"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "NVIDIA PSIRT"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-10-23T19:02:41.360638Z", "id": "CVE-2025-23345", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-23T19:02:50.583Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-23345", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-10-23T19:02:41.360638Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-23T19:02:47.310Z"}}], "cna": {"source": {"discovery": "UNKNOWN"}, "impacts": [{"descriptions": [{"lang": "en", "value": "Denial of Service, Information Disclosure"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.4, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "NVIDIA", "product": "GeForce", "versions": [{"status": "affected", "version": "All driver versions prior to 581.42"}], "platforms": ["Windows(R580)"], "defaultStatus": "unaffected"}, {"vendor": "NVIDIA", "product": "NVIDIA RTX, Quadro, NVS", "versions": [{"status": "affected", "version": "All driver versions prior to 581.42"}], "platforms": ["Windows(R580)"], "defaultStatus": "unaffected"}, {"vendor": "NVIDIA", "product": "NVIDIA RTX, Quadro, NVS", "versions": [{"status": "affected", "version": "All driver versions prior to 573.76"}], "platforms": ["Windows(R570)"], "defaultStatus": "unaffected"}, {"vendor": "NVIDIA", "product": "NVIDIA RTX, Quadro, NVS", "versions": [{"status": "affected", "version": "All driver versions prior to 539.56"}], "platforms": ["Windows(R535)"], "defaultStatus": "unaffected"}, {"vendor": "NVIDIA", "product": "Tesla", "versions": [{"status": "affected", "version": "All driver versions prior to 581.42"}], "platforms": ["Windows(R580)"], "defaultStatus": "unaffected"}, {"vendor": "NVIDIA", "product": "Tesla", "versions": [{"status": "affected", "version": "All driver versions prior to 573.76"}], "platforms": ["Windows(R570)"], "defaultStatus": "unaffected"}, {"vendor": "NVIDIA", "product": "Tesla", "versions": [{"status": "affected", "version": "All driver versions prior to 539.56"}], "platforms": ["Windows(R535)"], "defaultStatus": "unaffected"}, {"vendor": "NVIDIA", "product": "GeForce", "versions": [{"status": "affected", "version": "All driver versions prior to 580.95.05"}], "platforms": ["Linux(R580)"], "defaultStatus": "unaffected"}, {"vendor": "NVIDIA", "product": "GeForce", "versions": [{"status": "affected", "version": "All driver versions prior to 570.195.03"}], "platforms": ["Linux(R570)"], "defaultStatus": "unaffected"}, {"vendor": "NVIDIA", "product": "GeForce", "versions": [{"status": "affected", "version": "All driver versions prior to 535.274.02"}], "platforms": ["Linux(R535)"], "defaultStatus": "unaffected"}, {"vendor": "NVIDIA", "product": "NVIDIA RTX, Quadro, NVS", "versions": [{"status": "affected", "version": "All driver versions prior to 580.95.05"}], "platforms": ["Linux(R580)"], "defaultStatus": "unaffected"}, {"vendor": "NVIDIA", "product": "NVIDIA RTX, Quadro, NVS", "versions": [{"status": "affected", "version": "All driver versions prior to 570.195.03"}], "platforms": ["Linux(R570)"], "defaultStatus": "unaffected"}, {"vendor": "NVIDIA", "product": "NVIDIA RTX, Quadro, NVS", "versions": [{"status": "affected", "version": "All driver versions prior to 535.274.02"}], "platforms": ["Linux(R535)"], "defaultStatus": "unaffected"}, {"vendor": "NVIDIA", "product": "Tesla", "versions": [{"status": "affected", "version": "All driver versions prior to 580.95.05"}], "platforms": ["Linux(R580)"], "defaultStatus": "unaffected"}, {"vendor": "NVIDIA", "product": "Tesla", "versions": [{"status": "affected", "version": "All driver versions prior to 570.195.03"}], "platforms": ["Linux(R570)"], "defaultStatus": "unaffected"}, {"vendor": "NVIDIA", "product": "Tesla", "versions": [{"status": "affected", "version": "All driver versions prior to 535.274.02"}], "platforms": ["Linux(R535)"], "defaultStatus": "unaffected"}, {"vendor": "NVIDIA", "product": "Guest driver", "versions": [{"status": "affected", "version": "580.82.07(All versions up to and including the August 2025 release)"}], "platforms": ["Linux(R580 Gaming)"], "defaultStatus": "unaffected"}, {"vendor": "NVIDIA", "product": "Guest driver", "versions": [{"status": "affected", "version": "570.172.08(All versions prior to and including vGPU 18.4)"}], "platforms": ["Linux(R570 vGPU 18)"], "defaultStatus": "unaffected"}, {"vendor": "NVIDIA", "product": "Guest driver", "versions": [{"status": "affected", "version": "535.261.03(All versions prior to and including vGPU 16.11)"}], "platforms": ["Linux(R535 vGPU 16)"], "defaultStatus": "unaffected"}, {"vendor": "NVIDIA", "product": "Guest driver", "versions": [{"status": "affected", "version": "581.15(All versions prior to and including vGPU19.1)"}], "platforms": ["Windows(R580 vGPU 19)"], "defaultStatus": "unaffected"}, {"vendor": "NVIDIA", "product": "Guest driver", "versions": [{"status": "affected", "version": "573.48(All versions prior to and including vGPU 18.4)"}], "platforms": ["Windows(R570 vGPU 18)"], "defaultStatus": "unaffected"}, {"vendor": "NVIDIA", "product": "Guest driver", "versions": [{"status": "affected", "version": "539.41(All versions prior to and including vGPU 16.11)"}], "platforms": ["Windows(R535 vGPU 16)"], "defaultStatus": "unaffected"}, {"vendor": "NVIDIA", "product": "Guest driver", "versions": [{"status": "affected", "version": "580.82.07(All versions prior to and including vGPU 19.1)"}], "platforms": ["Linux(R580 vGPU)"], "defaultStatus": "unaffected"}], "references": [{"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-23345"}, {"url": "https://www.cve.org/CVERecord?id=CVE-2025-23345"}, {"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5703"}], "x_generator": {"engine": "NVIDIA PSIRT"}, "descriptions": [{"lang": "en", "value": "NVIDIA Display Driver for Windows and Linux contains a vulnerability in a video decoder, where an attacker might cause an out-of-bounds read. A successful exploit of this vulnerability might lead to information disclosure or denial of service.", "supportingMedia": [{"type": "text/html", "value": "NVIDIA Display Driver for Windows and Linux contains a vulnerability in a video decoder, where an attacker might cause an out-of-bounds read. A successful exploit of this vulnerability might lead to information disclosure or denial of service.", "base64": true}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read"}]}], "providerMetadata": {"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6", "shortName": "nvidia", "dateUpdated": "2025-10-23T18:25:48.962Z"}}}, "cveMetadata": {"cveId": "CVE-2025-23345", "state": "PUBLISHED", "dateUpdated": "2025-10-23T19:02:50.583Z", "dateReserved": "2025-01-14T01:07:21.737Z", "assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6", "datePublished": "2025-10-23T18:25:48.962Z", "assignerShortName": "nvidia"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "NVIDIA Display Driver for Windows and Linux contains a vulnerability in a video decoder, where an attacker might cause an out-of-bounds read. A successful exploit of this vulnerability might lead to information disclosure or denial of service."}], "id": "CVE-2025-23345", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 2.5, "source": "psirt@nvidia.com", "type": "Secondary"}]}, "published": "2025-10-23T19:15:50.080", "references": [{"source": "psirt@nvidia.com", "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-23345"}, {"source": "psirt@nvidia.com", "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5703"}, {"source": "psirt@nvidia.com", "url": "https://www.cve.org/CVERecord?id=CVE-2025-23345"}], "sourceIdentifier": "psirt@nvidia.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}], "source": "psirt@nvidia.com", "type": "Secondary"}]}

{"bugzilla": {"description": "nvidia-display-driver: NVIDIA Display Driver out of bound read", "id": "2406087", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2406087"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.6", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", "status": "draft"}, "cwe": "CWE-125", "details": ["No description is available for this CVE."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2025-23345", "package_state": [{"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Under investigation", "package_name": "rhelai1/bootc-aws-nvidia-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Under investigation", "package_name": "rhelai1/bootc-azure-nvidia-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Under investigation", "package_name": "rhelai1/bootc-gcp-nvidia-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Under investigation", "package_name": "rhelai1/instructlab-nvidia-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}], "public_date": "2025-10-23T18:25:48Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-23345\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-23345\nhttps://nvidia.custhelp.com/app/answers/detail/a_id/5703"], "threat_severity": "Moderate"}

{"created": "2025-10-24T10:16:52.133663+00:00", "updated": "2025-10-24T10:16:52.133689+00:00", "vendors": ["linux", "linux$PRODUCT$linux", "microsoft", "microsoft$PRODUCT$windows", "nvidia", "nvidia$PRODUCT$display_driver"]}