CVE-2025-23273

Summary

NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvJPEG where a local authenticated user may cause a divide by zero error by submitting a specially crafted JPEG file. A successful exploit of this vulnerability may lead to denial of service.

Affected Software

VendorProductVersion RangeStatus
NVIDIANVIDIA CUDA ToolkitAll versions prior to CUDA Toolkit 13.0affected
NVIDIAnvJPEGAll versions prior to nvJPEG 13.0.0affected

Weaknesses

  • CWE-369: CWE-369 Divide By Zero

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References