CVE-2025-33215
Received Received - Intake
Out-of-Range Pointer Vulnerability in NVIDIA VIRTIO-BLK Causes DoS

Publication date: 2026-03-24

Last updated on: 2026-03-24

Assigner: NVIDIA Corporation

Description
NVIDIA SNAP-4 Container contains a vulnerability in the VIRTIO-BLK component where a malicious guest VM may cause use of out-of-range pointer offset by sending crafted messages. A successful exploit of this vulnerability may lead to a denial of service of the DPA and impact the availability of storage to other VMs.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-24
Last Modified
2026-03-24
Generated
2026-06-16
AI Q&A
2026-03-24
EPSS Evaluated
2026-06-15
NVD
CVE-2025-33215
EUVD
EUVD-2025-208964
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
nvidia snap-4 *
nvidia snap-4_container *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-823 The product performs pointer arithmetic on a valid pointer, but it uses an offset that can point outside of the intended range of valid memory locations for the resulting pointer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-33215 is a vulnerability in the NVIDIA SNAP-4 Container, specifically in the VIRTIO-BLK component. It allows a malicious guest virtual machine (VM) to send specially crafted messages that cause the use of an out-of-range pointer offset. This flaw can be exploited to disrupt the normal operation of the system.

Impact Analysis

Exploiting this vulnerability can lead to a denial of service (DoS) condition in the Data Processing Accelerator (DPA). This results in impacting the availability of storage resources to other VMs running on the same host, potentially causing interruptions or failures in storage access.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

I don't know

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-33215. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart