CVE-2025-33225

Summary

NVIDIA Resiliency Extension for Linux contains a vulnerability in log aggregation, where an attacker could cause predictable log-file names. A successful exploit of this vulnerability may lead to escalation of privileges, code execution, denial of service, information disclosure, and data tampering.

Affected Software

VendorProductVersion RangeStatus
NVIDIAResiliency ExtensionMain branch prior to 0.5.0 releaseaffected

Weaknesses

  • CWE-61: CWE-61 UNIX Symbolic Link (Symlink) Following

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References