{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-33216", "assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6", "state": "PUBLISHED", "assignerShortName": "nvidia", "dateReserved": "2025-04-15T18:51:06.914Z", "datePublished": "2026-03-24T20:21:46.901Z", "dateUpdated": "2026-03-24T20:55:26.724Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6", "shortName": "nvidia", "dateUpdated": "2026-03-24T20:21:46.901Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-131", "description": "CWE-131 Incorrect Calculation of Buffer Size", "type": "CWE"}]}], "impacts": [{"descriptions": [{"lang": "en", "value": "Denial of service"}]}], "affected": [{"vendor": "NVIDIA", "product": "SNAP-4 Container", "platforms": ["BlueField-3"], "versions": [{"status": "affected", "version": "All versions prior to SNAP-4.9.0 and SNAP-4.5.5"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "NVIDIA SNAP-4 Container contains a vulnerability in the configuration interface where an attacker on a VM may cause an incorrect calculation of buffer size by sending crafted configurations. A successful exploit of this vulnerability may lead to crash of the SNAP service, causing denial of service of the storage service to the host.", "supportingMedia": [{"type": "text/html", "base64": true, "value": "NVIDIA SNAP-4 Container contains a vulnerability in the configuration interface where an attacker on a VM may cause an incorrect calculation of buffer size by sending crafted configurations. A successful exploit of this vulnerability may lead to crash of the SNAP service, causing denial of service of the storage service to the host."}]}], "references": [{"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-33216"}, {"url": "https://www.cve.org/CVERecord?id=CVE-2025-33216"}, {"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5744"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseSeverity": "MEDIUM", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"}}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "NVIDIA PSIRT"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-33216", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-24T20:51:05.118895Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-24T20:55:26.724Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-33216", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-24T20:51:05.118895Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-24T20:53:32.798Z"}}], "cna": {"source": {"discovery": "UNKNOWN"}, "impacts": [{"descriptions": [{"lang": "en", "value": "Denial of service"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.8, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "NVIDIA", "product": "SNAP-4 Container", "versions": [{"status": "affected", "version": "All versions prior to SNAP-4.9.0 and SNAP-4.5.5"}], "platforms": ["BlueField-3"], "defaultStatus": "unaffected"}], "references": [{"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-33216"}, {"url": "https://www.cve.org/CVERecord?id=CVE-2025-33216"}, {"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5744"}], "x_generator": {"engine": "NVIDIA PSIRT"}, "descriptions": [{"lang": "en", "value": "NVIDIA SNAP-4 Container contains a vulnerability in the configuration interface where an attacker on a VM may cause an incorrect calculation of buffer size by sending crafted configurations. A successful exploit of this vulnerability may lead to crash of the SNAP service, causing denial of service of the storage service to the host.", "supportingMedia": [{"type": "text/html", "value": "NVIDIA SNAP-4 Container contains a vulnerability in the configuration interface where an attacker on a VM may cause an incorrect calculation of buffer size by sending crafted configurations. A successful exploit of this vulnerability may lead to crash of the SNAP service, causing denial of service of the storage service to the host.", "base64": true}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-131", "description": "CWE-131 Incorrect Calculation of Buffer Size"}]}], "providerMetadata": {"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6", "shortName": "nvidia", "dateUpdated": "2026-03-24T20:21:46.901Z"}}}, "cveMetadata": {"cveId": "CVE-2025-33216", "state": "PUBLISHED", "dateUpdated": "2026-03-24T20:55:26.724Z", "dateReserved": "2025-04-15T18:51:06.914Z", "assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6", "datePublished": "2026-03-24T20:21:46.901Z", "assignerShortName": "nvidia"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "NVIDIA SNAP-4 Container contains a vulnerability in the configuration interface where an attacker on a VM may cause an incorrect calculation of buffer size by sending crafted configurations. A successful exploit of this vulnerability may lead to crash of the SNAP service, causing denial of service of the storage service to the host."}], "id": "CVE-2025-33216", "lastModified": "2026-03-25T15:41:58.280", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 4.0, "source": "psirt@nvidia.com", "type": "Secondary"}]}, "published": "2026-03-24T21:16:23.903", "references": [{"source": "psirt@nvidia.com", "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-33216"}, {"source": "psirt@nvidia.com", "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5744"}, {"source": "psirt@nvidia.com", "url": "https://www.cve.org/CVERecord?id=CVE-2025-33216"}], "sourceIdentifier": "psirt@nvidia.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-131"}], "source": "psirt@nvidia.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": ["bluefield-3"], "status": "affected", "versions": {"scheme": "semver", "value": "[0,4.5.5)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "SNAP-4 Container", "source": "cna", "vendor": "NVIDIA"}, "product": "snap-4_container", "vendor": "nvidia"}], "analysis": {"en": {"generated_at": "2026-03-24T21:24:18.156194+00:00", "value": {"mitigation_remediation": ["Check NVIDIA support resources for a patched version of SNAP\u20114 Container and apply the update as soon as it is available.", "If an update is not yet available, review access controls on the SNAP configuration interface and restrict management traffic to trusted hosts only.", "Monitor SNAP service logs for abnormal crashes or repeated restart patterns and investigate any suspicious configuration traffic.", "Consider isolating the virtual machine running SNAP from untrusted networks to reduce exposure until a patch is deployed."], "summary": {"action": "Patch", "impact": "Denial of Service"}, "threat_synthesis": {"affected_systems": "The vulnerability affects NVIDIA SNAP\u20114 Container systems. No specific product version information is provided in the public description, so any deployment of SNAP\u20114 Container remains potentially exposed until a vendor\u2011issued patch or update is applied.", "description_and_impact": "NVIDIA SNAP-4 Container has a bug in its configuration interface that incorrectly calculates a buffer size when receiving crafted configuration data, leading to a crash of the SNAP service. The crash results in a denial of service for the storage service that relies on SNAP. The weakness falls under the category of buffer size miscalculation and is identified as CWE\u2011131.", "risk_and_exploitability": "The CVSS score of 6.8 indicates a medium severity impact, and the entry is not currently listed in the CISA Known Exploited Vulnerabilities catalog. EPSS information is unavailable, making it difficult to gauge current exploitation likelihood. The likely attack vector is a local attacker within a virtual machine that can send custom configuration commands to the SNAP service. Exploit execution requires that the attacker can reach the configuration interface, which may be reachable from within the virtual machine hosting the service. A successful exploitation would interrupt the storage service for all users on the host, potentially causing operational disruption."}}}}, "created": "2026-03-25T11:46:06.735819+00:00", "title": "Buffer Size Miscalculation in NVIDIA SNAP\u20114 Container Leading to Denial of Service", "updated": "2026-03-25T20:57:33.052875+00:00", "vendors": ["nvidia", "nvidia$PRODUCT$snap-4_container"]}