CVE-2025-23280 | THREATINT

Description

NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use-after-free. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, and information disclosure.

PUBLISHED Reserved 2025-01-14 | Published 2025-10-10 | Updated 2025-10-10 | Assigner nvidia

HIGH: 7.0CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Problem types

CWE-416 Use After Free

Product status

Default status

unaffected

All driver versions prior to 580.95.05

affected

Default status

unaffected

All driver versions prior to 570.195.03

affected

Default status

unaffected

All driver versions prior to 535.274.02

affected

Default status

unaffected

All driver versions prior to 580.95.05

affected

Default status

unaffected

All driver versions prior to 570.195.03

affected

Default status

unaffected

All driver versions prior to 535.274.02

affected

Default status

unaffected

All driver versions prior to 580.95.05

affected

Default status

unaffected

All driver versions prior to 570.195.03

affected

Default status

unaffected

All driver versions prior to 535.274.02

affected

Default status

unaffected

580.82.07(All versions prior to and including vGPU 19.1)

affected

Default status

unaffected

580.82.07(All versions up to and including the August 2025 release)

affected

Default status

unaffected

570.172.08(All versions prior to and including vGPU 18.4)

affected

Default status

unaffected

535.261.03(All versions prior to and including vGPU 16.11)

affected

References

nvd.nist.gov/vuln/detail/CVE-2025-23280

www.cve.org/CVERecord?id=CVE-2025-23280

nvidia.custhelp.com/app/answers/detail/a_id/5703

cve.org (CVE-2025-23280)

nvd.nist.gov (CVE-2025-23280)

Download JSON