Out-of-bounds Read Vulnerability in NVIDIA CUDA Toolkit
CVE-2025-23248

3.3LOW

Key Information:

Vendor

Nvidia
Status
Nvidia Cuda Toolkit
Vendor
CVE Published:
24 September 2025

What is CVE-2025-23248?

The NVIDIA CUDA Toolkit for all platforms has a vulnerability found in the nvdisasm binary. This security flaw arises when a user inputs a malformed ELF file into nvdisasm, potentially leading to an out-of-bounds read. If exploited successfully, this can result in a partial denial of service, affecting the availability and functionality of the CUDA Toolkit.

Affected Version(s)

NVIDIA CUDA Toolkit Windows All versions prior to CUDA Toolkit 13.0

References

https://nvd.nist.gov/vuln/detail/CVE-2025-23248
https://www.cve.org/CVERecord?id=CVE-2025-23248
https://nvidia.custhelp.com/app/answers/detail/a_id/5661

CVSS V3.1

Score:
3.3
Severity:
LOW
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.