CVE-2025-23308

LOW 3.3

CVSS Score

3.3

EPSS Score

0.0%

EPSS Percentile

0th

NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm where an attacker may cause a heap-based buffer overflow by getting the user to run nvdisasm on a malicious ELF file. A successful exploit of this vulnerability may lead to arbitrary code execution at the privilege level of the user running nvdisasm.

CWE	CWE-122
Vendor	nvidia
Product	nvidia cuda toolkit
Published	Sep 24, 2025
Last Updated	Feb 26, 2026

Stay Ahead of the Next One

Get instant alerts for nvidia nvidia cuda toolkit

Be the first to know when new low vulnerabilities affecting nvidia nvidia cuda toolkit are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

None

Affected Versions

NVIDIA / NVIDIA CUDA Toolkit

All versions prior to CUDA Toolkit 13.0

References

NVD ↗ CVE.org ↗ EPSS Data ↗

nvd.nist.gov: https://nvd.nist.gov/vuln/detail/CVE-2025-23308 cve.org: https://www.cve.org/CVERecord?id=CVE-2025-23308 nvidia.custhelp.com: https://nvidia.custhelp.com/app/answers/detail/a_id/5661 talosintelligence.com: https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2204