CVE-2025-23273
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-24

Last updated on: 2025-10-06

Assigner: NVIDIA Corporation

Description
NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvJPEG where a local authenticated user may cause a divide by zero error by submitting a specially crafted JPEG file. A successful exploit of this vulnerability may lead to denial of service.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-24
Last Modified
2025-10-06
Generated
2026-06-16
AI Q&A
2025-09-24
EPSS Evaluated
2026-06-15
NVD
CVE-2025-23273
EUVD
EUVD-2025-30975
Affected Vendors & Products
Showing 8 associated CPEs
Vendor Product Version / Range
linux linux_kernel From 5.15.160 (inc) to 5.16 (inc)
linux linux_kernel From 5.15.160 (inc) to 5.16 (inc)
nvidia cuda_toolkit to 13.0.0 (exc)
microsoft windows *
nvidia nvjpeg *
microsoft windows *
nvidia driveos *
nvidia linux_for_tegra *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-369 The product divides a value by zero.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the NVIDIA CUDA Toolkit's nvJPEG component, where a local authenticated user can cause a divide by zero error by submitting a specially crafted JPEG file. This error can lead to a denial of service condition.

Impact Analysis

The vulnerability can lead to a denial of service, meaning the affected system or application may crash or become unavailable when processing a malicious JPEG file.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-23273. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart