Bug#1116335: nvidia-cuda-toolkit: CVE-2025-23248 CVE-2025-23255 CVE-2025-23271 CVE-2025-23273 CVE-2025-23274 CVE-2025-23275 CVE-2025-23308 CVE-2025-23338 CVE-2025-23339 CVE-2025-23340 CVE-2025-23346
Salvatore Bonaccorso
carnil at debian.org
Thu Sep 25 19:45:53 BST 2025
Source: nvidia-cuda-toolkit
Version: 12.4.131~12.4.1-4
Severity: grave
Tags: security upstream
Justification: user security hole
X-Debbugs-Cc: carnil at debian.org, Debian Security Team <team at security.debian.org>
Hi,
The following vulnerabilities were published for nvidia-cuda-toolkit.
CVE-2025-23248[0]:
| NVIDIA CUDA Toolkit for all platforms contains a vulnerability in
| the nvdisasm binary where a user may cause an out-of-bounds read by
| passing a malformed ELF file to nvdisasm. A successful exploit of
| this vulnerability may lead to a partial denial of service.
CVE-2025-23255[1]:
| NVIDIA CUDA Toolkit for all platforms contains a vulnerability in
| the cuobjdump binary where a user may cause an out-of-bounds read by
| passing a malformed ELF file to cuobjdump. A successful exploit of
| this vulnerability may lead to a partial denial of service.
CVE-2025-23271[2]:
| NVIDIA CUDA Toolkit for all platforms contains a vulnerability in
| the nvdisasm binary where a user may cause an out-of-bounds read by
| passing a malformed ELF file to nvdisasm. A successful exploit of
| this vulnerability may lead to a partial denial of service.
CVE-2025-23273[3]:
| NVIDIA CUDA Toolkit for all platforms contains a vulnerability in
| nvJPEG where a local authenticated user may cause a divide by zero
| error by submitting a specially crafted JPEG file. A successful
| exploit of this vulnerability may lead to denial of service.
CVE-2025-23274[4]:
| NVIDIA nvJPEG contains a vulnerability in jpeg encoding where a user
| may cause an out-of-bounds read by providing a maliciously crafted
| input image with dimensions that cause integer overflows in array
| index calculations. A successful exploit of this vulnerability may
| lead to denial of service.
CVE-2025-23275[5]:
| NVIDIA CUDA Toolkit for all platforms contains a vulnerability in
| nvJPEG where a local authenticated user may cause a GPU out-of-
| bounds write by providing certain image dimensions. A successful
| exploit of this vulnerability may lead to denial of service and
| information disclosure.
CVE-2025-23308[6]:
| NVIDIA CUDA Toolkit for all platforms contains a vulnerability in
| nvdisasm where an attacker may cause a heap-based buffer overflow by
| getting the user to run nvdisasm on a malicious ELF file. A
| successful exploit of this vulnerability may lead to arbitrary code
| execution at the privilege level of the user running nvdisasm.
CVE-2025-23338[7]:
| NVIDIA CUDA Toolkit for all platforms contains a vulnerability in
| nvdisasm where a user may cause an out-of-bounds write by running
| nvdisasm on a malicious ELF file. A successful exploit of this
| vulnerability may lead to denial of service.
CVE-2025-23339[8]:
| NVIDIA CUDA Toolkit for all platforms contains a vulnerability in
| cuobjdump where an attacker may cause a stack-based buffer overflow
| by getting the user to run cuobjdump on a malicious ELF file. A
| successful exploit of this vulnerability may lead to arbitrary code
| execution at the privilege level of the user running cuobjdump.
CVE-2025-23340[9]:
| NVIDIA CUDA Toolkit for all platforms contains a vulnerability in
| the nvdisasm binary where a user may cause an out-of-bounds read by
| passing a malformed ELF file to nvdisasm. A successful exploit of
| this vulnerability may lead to a partial denial of service.
CVE-2025-23346[10]:
| NVIDIA CUDA Toolkit contains a vulnerability in cuobjdump, where an
| unprivileged user can cause a NULL pointer dereference. A
| successful exploit of this vulnerability may lead to a limited
| denial of service.
If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2025-23248
https://www.cve.org/CVERecord?id=CVE-2025-23248
[1] https://security-tracker.debian.org/tracker/CVE-2025-23255
https://www.cve.org/CVERecord?id=CVE-2025-23255
[2] https://security-tracker.debian.org/tracker/CVE-2025-23271
https://www.cve.org/CVERecord?id=CVE-2025-23271
[3] https://security-tracker.debian.org/tracker/CVE-2025-23273
https://www.cve.org/CVERecord?id=CVE-2025-23273
[4] https://security-tracker.debian.org/tracker/CVE-2025-23274
https://www.cve.org/CVERecord?id=CVE-2025-23274
[5] https://security-tracker.debian.org/tracker/CVE-2025-23275
https://www.cve.org/CVERecord?id=CVE-2025-23275
[6] https://security-tracker.debian.org/tracker/CVE-2025-23308
https://www.cve.org/CVERecord?id=CVE-2025-23308
[7] https://security-tracker.debian.org/tracker/CVE-2025-23338
https://www.cve.org/CVERecord?id=CVE-2025-23338
[8] https://security-tracker.debian.org/tracker/CVE-2025-23339
https://www.cve.org/CVERecord?id=CVE-2025-23339
[9] https://security-tracker.debian.org/tracker/CVE-2025-23340
https://www.cve.org/CVERecord?id=CVE-2025-23340
[10] https://security-tracker.debian.org/tracker/CVE-2025-23346
https://www.cve.org/CVERecord?id=CVE-2025-23346
[11] https://nvidia.custhelp.com/app/answers/detail/a_id/5661
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
More information about the pkg-nvidia-devel
mailing list