CVE-2025-23330
Unknown Unknown - Not Provided

BaseFortify

Vulnerability report for CVE-2025-23330, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2025-10-23

Last updated on: 2025-10-27

Assigner: NVIDIA Corporation

Description

NVIDIA Display Driver for Linux contains a vulnerability where an attacker might be able to trigger a null pointer dereference. A successful exploit of this vulnerability might lead to denial of service.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2025-10-23
Last Modified
2025-10-27
Generated
2026-07-06
AI Q&A
2025-10-23
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
nvidia display_driver 3.1

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-476 The product dereferences a pointer that it expects to be valid but is NULL.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability in the NVIDIA Display Driver for Linux allows an attacker with local access to trigger a null pointer dereference, which can cause the system or service to crash, leading to a denial of service (DoS). It requires low privileges and no user interaction to exploit. [1]

Impact Analysis

Exploiting this vulnerability can cause denial of service by crashing the system or interrupting services, which may lead to downtime or loss of availability of affected systems running the NVIDIA Display Driver for Linux. [1]

Detection Guidance

This vulnerability involves a null pointer dereference in the NVIDIA Display Driver for Linux that can cause denial of service. Detection would involve checking for system crashes or service interruptions related to the NVIDIA display driver. Since the vulnerability requires local access and low privileges, monitoring system logs for crashes or kernel oops related to the NVIDIA driver may help. Specific commands could include checking dmesg or syslog for relevant error messages, for example: 'dmesg | grep -i nvidia' or 'journalctl -k | grep -i nvidia'. However, no explicit detection commands are provided in the available resources. [1]

Mitigation Strategies

Immediate mitigation steps include limiting local access to trusted users only, as the vulnerability requires local access with low privileges. Monitoring for and applying any official patches or updates from NVIDIA as soon as they become available is recommended. Additionally, restricting or disabling the NVIDIA display driver usage on systems where it is not necessary may reduce risk. No specific mitigation commands or workarounds are provided in the available resources. [1]

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-23330. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart