CVE-2025-23338

NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm where a user may cause an out-of-bounds write by running nvdisasm on a malicious ELF file. A successful exploit of this vulnerability may lead to denial of service.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:nvidia:cuda_toolkit:*:*:*:*:*:*:*:*
OR cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

History

17 Jun 2026, 08:53

Type Values Removed Values Added
Summary
  • (es) NVIDIA CUDA Toolkit para todas las plataformas contiene una vulnerabilidad en nvdisasm donde un usuario puede causar una escritura fuera de límites al ejecutar nvdisasm en un archivo ELF malicioso. Un exploit exitoso de esta vulnerabilidad puede conducir a una denegación de servicio.

03 Nov 2025, 19:15

Type Values Removed Values Added
References
  • () https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2169 -

06 Oct 2025, 14:39

Type Values Removed Values Added
References () https://nvd.nist.gov/vuln/detail/CVE-2025-23338 - () https://nvd.nist.gov/vuln/detail/CVE-2025-23338 - Third Party Advisory
References () https://nvidia.custhelp.com/app/answers/detail/a_id/5661 - () https://nvidia.custhelp.com/app/answers/detail/a_id/5661 - Vendor Advisory
References () https://www.cve.org/CVERecord?id=CVE-2025-23338 - () https://www.cve.org/CVERecord?id=CVE-2025-23338 - Third Party Advisory
First Time Microsoft
Nvidia
Linux
Microsoft windows
Nvidia cuda Toolkit
Linux linux Kernel
CPE cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:cuda_toolkit:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

24 Sep 2025, 14:15

Type Values Removed Values Added
New CVE

Information

Published : 2025-09-24 14:15

Updated : 2026-06-17 08:53


NVD link : CVE-2025-23338

Mitre link : CVE-2025-23338

CVE.ORG link : CVE-2025-23338


JSON object : View

Products Affected

microsoft

  • windows

nvidia

  • cuda_toolkit

linux

  • linux_kernel
CWE
CWE-129

Improper Validation of Array Index