[Git][security-tracker-team/security-tracker][master] Add new nvidia-cuda-toolkit issues (Security Bulletin: NVIDIA CUDA Toolkit - September 2025)
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Sep 25 09:26:48 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b9d25ae0 by Salvatore Bonaccorso at 2025-09-25T10:26:10+02:00
Add new nvidia-cuda-toolkit issues (Security Bulletin: NVIDIA CUDA Toolkit - September 2025)
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -154,29 +154,59 @@ CVE-2025-23349 (NVIDIA Megatron-LM for all platforms contains a vulnerability in
CVE-2025-23348 (NVIDIA Megatron-LM for all platforms contains a vulnerability in the p ...)
NOT-FOR-US: NVIDIA
CVE-2025-23346 (NVIDIA CUDA Toolkit contains a vulnerability in cuobjdump, where an un ...)
- TODO: check
+ - nvidia-cuda-toolkit <unfixed>
+ [trixie] - nvidia-cuda-toolkit <no-dsa> (Non-free not supported)
+ [bookworm] - nvidia-cuda-toolkit <no-dsa> (Non-free not supported)
+ NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/5661
CVE-2025-23340 (NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the ...)
- TODO: check
+ - nvidia-cuda-toolkit <unfixed>
+ [trixie] - nvidia-cuda-toolkit <no-dsa> (Non-free not supported)
+ [bookworm] - nvidia-cuda-toolkit <no-dsa> (Non-free not supported)
+ NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/5661
CVE-2025-23339 (NVIDIA CUDA Toolkit for all platforms contains a vulnerability in cuob ...)
- TODO: check
+ - nvidia-cuda-toolkit <unfixed>
+ [trixie] - nvidia-cuda-toolkit <no-dsa> (Non-free not supported)
+ [bookworm] - nvidia-cuda-toolkit <no-dsa> (Non-free not supported)
+ NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/5661
CVE-2025-23338 (NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdi ...)
- TODO: check
+ - nvidia-cuda-toolkit <unfixed>
+ [trixie] - nvidia-cuda-toolkit <no-dsa> (Non-free not supported)
+ [bookworm] - nvidia-cuda-toolkit <no-dsa> (Non-free not supported)
+ NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/5661
CVE-2025-23308 (NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdi ...)
- TODO: check
+ - nvidia-cuda-toolkit <unfixed>
+ [trixie] - nvidia-cuda-toolkit <no-dsa> (Non-free not supported)
+ [bookworm] - nvidia-cuda-toolkit <no-dsa> (Non-free not supported)
+ NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/5661
CVE-2025-23275 (NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvJP ...)
- TODO: check
+ - nvidia-cuda-toolkit <unfixed>
+ [trixie] - nvidia-cuda-toolkit <no-dsa> (Non-free not supported)
+ [bookworm] - nvidia-cuda-toolkit <no-dsa> (Non-free not supported)
+ NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/5661
CVE-2025-23274 (NVIDIA nvJPEG contains a vulnerability in jpeg encoding where a user m ...)
TODO: check
CVE-2025-23273 (NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvJP ...)
- TODO: check
+ - nvidia-cuda-toolkit <unfixed>
+ [trixie] - nvidia-cuda-toolkit <no-dsa> (Non-free not supported)
+ [bookworm] - nvidia-cuda-toolkit <no-dsa> (Non-free not supported)
+ NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/5661
CVE-2025-23272 (NVIDIA nvJPEG library contains a vulnerability where an attacker can c ...)
TODO: check
CVE-2025-23271 (NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the ...)
- TODO: check
+ - nvidia-cuda-toolkit <unfixed>
+ [trixie] - nvidia-cuda-toolkit <no-dsa> (Non-free not supported)
+ [bookworm] - nvidia-cuda-toolkit <no-dsa> (Non-free not supported)
+ NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/5661
CVE-2025-23255 (NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the ...)
- TODO: check
+ - nvidia-cuda-toolkit <unfixed>
+ [trixie] - nvidia-cuda-toolkit <no-dsa> (Non-free not supported)
+ [bookworm] - nvidia-cuda-toolkit <no-dsa> (Non-free not supported)
+ NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/5661
CVE-2025-23248 (NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the ...)
- TODO: check
+ - nvidia-cuda-toolkit <unfixed>
+ [trixie] - nvidia-cuda-toolkit <no-dsa> (Non-free not supported)
+ [bookworm] - nvidia-cuda-toolkit <no-dsa> (Non-free not supported)
+ NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/5661
CVE-2025-21488 (Information disclosure while decoding this RTP packet headers received ...)
NOT-FOR-US: Qualcomm
CVE-2025-21487 (Information disclosure while decoding RTP packet received by UE from t ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b9d25ae0d5182a0ebb856314dbed0b2b67f07dc5
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b9d25ae0d5182a0ebb856314dbed0b2b67f07dc5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250925/4c841516/attachment.htm>
More information about the debian-security-tracker-commits
mailing list