CVE-2025-23255
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-24

Last updated on: 2025-10-06

Assigner: NVIDIA Corporation

Description
NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the cuobjdump binary where a user may cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability may lead to a partial denial of service.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-24
Last Modified
2025-10-06
Generated
2026-06-16
AI Q&A
2025-09-24
EPSS Evaluated
2026-06-15
NVD
CVE-2025-23255
EUVD
EUVD-2025-30978
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
nvidia cuda_toolkit to 13.0.0 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-125 The product reads data past the end, or before the beginning, of the intended buffer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the NVIDIA CUDA Toolkit's cuobjdump binary, where a user can cause an out-of-bounds read by providing a malformed ELF file to cuobjdump. This means the program reads memory outside the intended boundaries, which can lead to unexpected behavior.

Impact Analysis

A successful exploit of this vulnerability may cause a partial denial of service, potentially disrupting the normal operation of the affected software.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-23255. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart