CVE-2025-23258 | THREATINT

Description

NVIDIA DOCA contains a vulnerability in the collectx-dpeserver Debian package for arm64 that could allow an attacker with low privileges to escalate privileges. A successful exploit of this vulnerability might lead to escalation of privileges.

PUBLISHED Reserved 2025-01-14 | Published 2025-09-04 | Updated 2025-09-04 | Assigner nvidia

HIGH: 7.3CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Problem types

CWE-732 Incorrect Permission Assignment for Critical Resource

Product status

Default status

unaffected

All 2.5 versions prior to 2.5.4

affected

Default status

unaffected

All 2.9 versions prior to 2.9.3

affected

Default status

unaffected

All 2.10 versions

affected

References

nvd.nist.gov/vuln/detail/CVE-2025-23258

www.cve.org/CVERecord?id=CVE-2025-23258

nvidia.custhelp.com/app/answers/detail/a_id/5655

cve.org (CVE-2025-23258)

nvd.nist.gov (CVE-2025-23258)

Download JSON