Privilege Escalation Vulnerability in NVIDIA DOCA's Debian Package for arm64
CVE-2025-23258

7.3HIGH

Key Information:

Vendor: Nvidia
Status: Nvidia Doca With Collectx-dpeserver
Vendor: CVE Published:; 4 September 2025

What is CVE-2025-23258?

A vulnerability exists in the NVIDIA DOCA collectx-dpeserver Debian package for arm64 that may allow an attacker with low-level privileges to escalate their access. By exploiting this vulnerability, unauthorized users could potentially gain higher privileges on the system, which may lead to broader security implications. This security concern highlights the importance of maintaining updates and proper security practices to safeguard against potential exploitation.

Affected Version(s)

NVIDIA DOCA with collectx-dpeserver Linux – Debian based arm64-2.10 All 2.10 versions

NVIDIA DOCA with collectx-dpeserver Linux – Debian based arm64-2.5 All 2.5 versions prior to 2.5.4

NVIDIA DOCA with collectx-dpeserver Linux – Debian based arm64-2.9 All 2.9 versions prior to 2.9.3

References

https://nvd.nist.gov/vuln/detail/CVE-2025-23258

https://www.cve.org/CVERecord?id=CVE-2025-23258

https://nvidia.custhelp.com/app/answers/detail/a_id/5655

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 4, 2025
Vulnerability Reserved
Jan 14, 2025

Nvidia

What is CVE-2025-23258?

Affected Version(s)

References

CVSS V3.1

Timeline