CVE-2025-33218

Summary

NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys), where an attacker could cause an integer overflow. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or information disclosure.

Affected Software

VendorProductVersion RangeStatus
NVIDIAGeForceAll driver versions prior to 591.59affected
NVIDIARTX PRO, RTX, QuadroAll driver versions prior to 591.59affected
NVIDIARTX PRO, RTX, QuadroAll driver versions prior to 582.16affected
NVIDIARTX PRO, RTX, QuadroAll driver versions prior to 573.96affected
NVIDIARTX PRO, RTX, QuadroAll driver versions prior to 539.64affected
NVIDIATeslaAll driver versions prior to 591.59affected
NVIDIATeslaAll driver versions prior to 582.16affected
NVIDIATeslaAll driver versions prior to 573.91affected
NVIDIATeslaAll driver versions prior to 539.64affected
NVIDIAGuest driver581.80(All versions prior to and including vGPU software 19.3)affected
NVIDIAGuest driver573.76(All versions prior to and including vGPU software 18.5)affected
NVIDIAGuest driver539.56(All versions prior to and including vGPU software 16.12)affected

Weaknesses

  • CWE-190: CWE-190 Integer Overflow or Wraparound

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References