CVE-2025-33216

Summary

NVIDIA SNAP-4 Container contains a vulnerability in the configuration interface where an attacker on a VM may cause an incorrect calculation of buffer size by sending crafted configurations. A successful exploit of this vulnerability may lead to crash of the SNAP service, causing denial of service of the storage service to the host.

Affected Software

VendorProductVersion RangeStatus
NVIDIASNAP-4 ContainerAll versions prior to SNAP-4.9.0 and SNAP-4.5.5affected

Weaknesses

  • CWE-131: CWE-131 Incorrect Calculation of Buffer Size

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References