CVE-2025-33216
Received Received - Intake
Buffer Size Miscalculation in NVIDIA SNAP-4 Causes DoS

Publication date: 2026-03-24

Last updated on: 2026-03-24

Assigner: NVIDIA Corporation

Description
NVIDIA SNAP-4 Container contains a vulnerability in the configuration interface where an attacker on a VM may cause an incorrect calculation of buffer size by sending crafted configurations. A successful exploit of this vulnerability may lead to crash of the SNAP service, causing denial of service of the storage service to the host.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-24
Last Modified
2026-03-24
Generated
2026-06-16
AI Q&A
2026-03-24
EPSS Evaluated
2026-06-15
NVD
CVE-2025-33216
EUVD
EUVD-2025-208966
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
nvidia snap-4 *
nvidia snap-4_container to 4.9.0 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-131 The product does not correctly calculate the size to be used when allocating a buffer, which could lead to a buffer overflow.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

[{'type': 'paragraph', 'content': "CVE-2025-33216 is a vulnerability in the NVIDIA SNAP-4 Container's configuration interface. An attacker operating within a virtual machine (VM) can exploit this flaw by sending specially crafted configurations that cause an incorrect calculation of buffer size."}, {'type': 'paragraph', 'content': 'This miscalculation can lead to a crash of the SNAP service, resulting in a denial of service (DoS) condition for the storage service on the host system.'}, {'type': 'paragraph', 'content': 'The vulnerability is classified under CWE-131, which pertains to incorrect calculation of buffer size.'}] [1, 2]

Impact Analysis

Exploitation of this vulnerability can cause the SNAP service to crash, leading to a denial of service (DoS) condition.

This DoS disrupts the storage service on the host system, potentially affecting system stability and availability.

The vulnerability impacts availability (high impact) but does not affect confidentiality or integrity.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

To mitigate the vulnerability CVE-2025-33216 in the NVIDIA SNAP-4 Container, users should update to the fixed versions of the software.

  • Upgrade to SNAP-4 version 4.9.0 or later.
  • Alternatively, upgrade to SNAP-4 version 4.5.5 or later if using that branch.

These updates address the incorrect buffer size calculation vulnerability that can cause the SNAP service to crash and result in denial of service.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-33216. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart