Vulnerability in NVIDIA vGPU Software Affecting Resource Management
CVE-2025-23246

5.5MEDIUM

Key Information:

Vendor: Nvidia
Status: Vgpu Software, Cloud Gaming
Vendor: CVE Published:; 1 May 2025

What is CVE-2025-23246?

A flaw exists in the NVIDIA vGPU software that affects both Windows and Linux platforms. This vulnerability is linked to the Virtual GPU Manager (vGPU plugin), where improper control over resource allocation allows a guest system to consume excessive resources. If exploited, this security issue could potentially lead to service disruptions and denial of service, impacting system performance and availability.

Affected Version(s)

vGPU Software, Cloud Gaming Linux R535, R550, R570, R575

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5630

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 1, 2025
Vulnerability Reserved
Jan 14, 2025

Nvidia

What is CVE-2025-23246?

Affected Version(s)

References

CVSS V3.1

Timeline