Race Condition Vulnerability in NVIDIA Display Driver for Linux
CVE-2025-23282

7HIGH

Key Information:

Vendor: Nvidia
Status: Virtual Gpu Manager; Geforce; Nvidia Rtx, Quadro, Nvs; Tesla
Vendor: CVE Published:; 10 October 2025

What is CVE-2025-23282?

The NVIDIA Display Driver for Linux is susceptible to a race condition vulnerability, allowing attackers to exploit this flaw to escalate privileges. Successful exploitation may lead to unauthorized code execution, potential data tampering, service denial, and sensitive information disclosure. Users are encouraged to update to the latest version of the driver to mitigate the risks associated with this vulnerability.

Affected Version(s)

GeForce Linux(R535) All driver versions prior to 535.274.02

GeForce Linux(R570) All driver versions prior to 570.195.03

GeForce Linux(R580) All driver versions prior to 580.95.05

References

https://nvd.nist.gov/vuln/detail/CVE-2025-23282

https://www.cve.org/CVERecord?id=CVE-2025-23282

https://nvidia.custhelp.com/app/answers/detail/a_id/5703

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 10, 2025
Vulnerability Reserved
Jan 14, 2025

JSON

Nvidia

What is CVE-2025-23282?

Affected Version(s)

References

CVSS V3.1

Timeline