CVE-2025-23279

EUVD-2025-23449
NVIDIA .run Installer for Linux and Solaris contains a vulnerability where an attacker could use a race condition to escalate privileges. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, denial of service, or data tampering.
TOCTOU
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7 HIGH
LOCAL
HIGH
LOW
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
nvidiaCNA
7 HIGH
LOCAL
HIGH
LOW
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 2%
Debian logo
Debian Releases
Debian Product
Codename
nvidia-graphics-drivers
bookworm
no-dsa
bookworm/non-free-firmware
535.261.03-1
fixed
bullseye
ignored
bullseye/non-free
vulnerable
forky/non-free-firmware
vulnerable
sid/non-free-firmware
vulnerable
trixie
no-dsa
trixie/non-free-firmware
vulnerable
nvidia-graphics-drivers-legacy-340xx
bookworm
no-dsa
bullseye
ignored
sid/non-free
vulnerable
trixie
no-dsa
nvidia-graphics-drivers-legacy-390xx
bookworm
no-dsa
bullseye
ignored
bullseye/non-free
vulnerable
sid/non-free
vulnerable
trixie
no-dsa
nvidia-graphics-drivers-tesla
bookworm
no-dsa
bookworm/non-free-firmware
525.147.05-15~deb12u1
fixed
bullseye
ignored
sid/non-free-firmware
525.147.05-17
fixed
trixie
no-dsa
nvidia-graphics-drivers-tesla-418
bookworm
no-dsa
bullseye
ignored
bullseye/non-free
vulnerable
sid/non-free
vulnerable
trixie
no-dsa
nvidia-graphics-drivers-tesla-450
bookworm
no-dsa
bullseye
ignored
bullseye/non-free
450.248.02-7~deb11u1
fixed
sid/non-free
450.248.02-12
fixed
trixie
no-dsa
nvidia-graphics-drivers-tesla-460
bookworm
no-dsa
bullseye
ignored
bullseye/non-free
460.106.00-17~deb11u1
fixed
sid/non-free
460.106.00-22
fixed
trixie
no-dsa
nvidia-graphics-drivers-tesla-470
bookworm
no-dsa
bookworm/non-free
vulnerable
bullseye
ignored
bullseye/non-free
vulnerable
sid/non-free
vulnerable
trixie
no-dsa
nvidia-graphics-drivers-tesla-535
bookworm
no-dsa
bookworm/non-free-firmware
vulnerable
bullseye
ignored
forky/non-free-firmware
535.274.02-1
fixed
sid/non-free-firmware
535.274.02-1
fixed
trixie
no-dsa
trixie/non-free-firmware
535.274.02-1~deb13u1
fixed
nvidia-graphics-drivers-tesla-550
bookworm
no-dsa
bullseye
ignored
sid/non-free-firmware
vulnerable
trixie
no-dsa
nvidia-open-gpu-kernel-modules
bookworm
no-dsa
bookworm/contrib
535.261.03-1
fixed
bullseye
ignored
forky/contrib
vulnerable
sid/contrib
vulnerable
trixie
no-dsa
trixie/contrib
vulnerable
Common Weakness Enumeration
References
https://nvidia.custhelp.com/app/answers/detail/a_id/5670