Privilege Escalation Flaw in NVIDIA .run Installer for Linux and Solaris
CVE-2025-23279

7HIGH

Key Information:

Vendor: Nvidia
Status: Gpu Display Drivers
Vendor: CVE Published:; 2 August 2025

What is CVE-2025-23279?

The NVIDIA .run Installer for Linux and Solaris presents a vulnerability that allows attackers to exploit a race condition, potentially leading to code execution, privilege escalation, and unauthorized access to sensitive information. This flaw could result in significant security risks including denial of service and data tampering, emphasizing the importance of applying the latest security patches and maintaining robust system configurations.

Affected Version(s)

GPU Display Drivers R575

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5670

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 2, 2025
Vulnerability Reserved
Jan 14, 2025

Nvidia

What is CVE-2025-23279?

Affected Version(s)

References

CVSS V3.1

Timeline