CVE-2025-23332

Summary

NVIDIA Display Driver for Linux contains a vulnerability in a kernel module, where an attacker might be able to trigger a null pointer deference. A successful exploit of this vulnerability might lead to denial of service.

Affected Software

VendorProductVersion RangeStatus
NVIDIAVirtual GPU Manager580.82.02(All versions prior to and including vGPU 19.1)affected
NVIDIAVirtual GPU Manager570.172.07(All versions prior to and including vGPU 18.4)affected
NVIDIAVirtual GPU Manager535.261.04(All versions prior to and including vGPU 16.11)affected
NVIDIAGeForceAll driver versions prior to 580.95.05affected
NVIDIAGeForceAll driver versions prior to 570.195.03affected
NVIDIAGeForceAll driver versions prior to 535.274.02affected
NVIDIANVIDIA RTX, Quadro, NVSAll driver versions prior to 580.95.05affected
NVIDIANVIDIA RTX, Quadro, NVSAll driver versions prior to 570.195.03affected
NVIDIANVIDIA RTX, Quadro, NVSAll driver versions prior to 535.274.02affected
NVIDIATeslaAll driver versions prior to 580.95.05affected
NVIDIATeslaAll driver versions prior to 570.195.03affected
NVIDIATeslaAll driver versions prior to 535.274.02affected
NVIDIAGuest driver580.82.07(All versions prior to and including vGPU 19.1)affected
NVIDIAGuest driver580.82.07(All versions up to and including the August 2025 release)affected
NVIDIAGuest driver570.172.08(All versions prior to and including vGPU 18.4)affected
NVIDIAGuest driver535.261.03(All versions prior to and including vGPU 16.11)affected

Weaknesses

  • CWE-476: CWE-476 NULL Pointer Dereference

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References