Log Aggregation Vulnerability in NVIDIA Resiliency Extension for Linux
CVE-2025-33225

8.4HIGH

Key Information:

Vendor: Nvidia
Status: Resiliency Extension
Vendor: CVE Published:; 16 December 2025

What is CVE-2025-33225?

The NVIDIA Resiliency Extension for Linux is vulnerable due to an issue in its log aggregation mechanism, allowing attackers to manipulate log file names predictably. This flaw opens the door for various malicious activities, including privilege escalation, execution of arbitrary code, denial of service, inadvertent information disclosure, and potential data tampering, undermining system integrity and security.

Affected Version(s)

Resiliency Extension Linux Main branch prior to 0.5.0 release

References

https://nvd.nist.gov/vuln/detail/CVE-2025-33225

https://www.cve.org/CVERecord?id=CVE-2025-33225

https://nvidia.custhelp.com/app/answers/detail/a_id/5746

CVSS V3.1

Score:

8.4

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 16, 2025
Vulnerability Reserved
Apr 15, 2025

JSON

Nvidia

What is CVE-2025-33225?

Affected Version(s)

References

CVSS V3.1

Timeline