Source: nvidia-graphics-drivers Severity: serious Tags: security upstream X-Debbugs-Cc: Debian Security Team <[email protected]> Control: clone -1 -2 -3 -4 -5 -6 -7 -8 -9 -10 -11 Control: reassign -2 src:nvidia-graphics-drivers-legacy-340xx 340.76-6 Control: retitle -2 nvidia-graphics-drivers-legacy-340xx: CVE-2025-23280, CVE-2025-23282, CVE-2025-23300, CVE-2025-23330, CVE-2025-23332, CVE-2025-23345 Control: tag -2 + wontfix Control: reassign -3 src:nvidia-graphics-drivers-legacy-390xx 390.48-4 Control: retitle -3 nvidia-graphics-drivers-legacy-390xx: CVE-2025-23280, CVE-2025-23282, CVE-2025-23300, CVE-2025-23330, CVE-2025-23332, CVE-2025-23345 Control: tag -3 + wontfix Control: reassign -4 src:nvidia-graphics-drivers-tesla-418 418.87.01-1 Control: retitle -4 nvidia-graphics-drivers-tesla-418: CVE-2025-23280, CVE-2025-23282, CVE-2025-23300, CVE-2025-23330, CVE-2025-23332, CVE-2025-23345 Control: tag -4 + wontfix Control: reassign -5 src:nvidia-graphics-drivers-tesla-450 450.51.05-1 Control: retitle -5 nvidia-graphics-drivers-tesla-450: CVE-2025-23280, CVE-2025-23282, CVE-2025-23300, CVE-2025-23330, CVE-2025-23332, CVE-2025-23345 Control: tag -5 + wontfix Control: close -5 450.248.02-4 Control: reassign -6 src:nvidia-graphics-drivers-tesla-460 460.32.03-1 Control: retitle -6 nvidia-graphics-drivers-tesla-460: CVE-2025-23280, CVE-2025-23282, CVE-2025-23300, CVE-2025-23330, CVE-2025-23332, CVE-2025-23345 Control: tag -6 + wontfix Control: close -6 460.106.00-3 Control: reassign -7 src:nvidia-graphics-drivers-tesla-470 470.57.02-1 Control: retitle -7 nvidia-graphics-drivers-tesla-470: CVE-2025-23280, CVE-2025-23282, CVE-2025-23300, CVE-2025-23330, CVE-2025-23332, CVE-2025-23345 Control: tag -7 + wontfix Control: reassign -8 src:nvidia-graphics-drivers-tesla 510.85.02-1 Control: retitle -8 nvidia-graphics-drivers-tesla: CVE-2025-23280, CVE-2025-23282, CVE-2025-23300, CVE-2025-23330, CVE-2025-23332, CVE-2025-23345 Control: found -8 515.48.07-1 Control: found -8 525.60.13-1 Control: tag -8 + wontfix Control: close -8 525.147.05-6 Control: reassign -9 src:nvidia-open-gpu-kernel-modules 515.43.04-1 Control: retitle -9 nvidia-open-gpu-kernel-modules: CVE-2025-23280, CVE-2025-23282, CVE-2025-23300, CVE-2025-23330, CVE-2025-23332, CVE-2025-23345 Control: found -9 520.56.06-1 Control: found -9 525.85.12-1 Control: found -9 530.30.02-1 Control: found -9 535.43.02-1 Control: found -9 545.23.06-1 Control: found -9 550.40.07-1 Control: found -9 555.42.02-1 Control: found -9 560.28.03-1 Control: found -9 565.57.01-1 Control: found -9 570.86.16-1 Control: found -9 575.51.02-1 Control: found -9 580.65.06-1 Control: reassign -10 src:nvidia-graphics-drivers-tesla-535 535.216.01-1 Control: retitle -10 nvidia-graphics-drivers-tesla-535: CVE-2025-23280, CVE-2025-23282, CVE-2025-23300, CVE-2025-23330, CVE-2025-23332, CVE-2025-23345 Control: reassign -11 src:nvidia-graphics-drivers-tesla-550 550.54.15-1 Control: retitle -11 nvidia-graphics-drivers-tesla-550: CVE-2025-23280, CVE-2025-23282, CVE-2025-23300, CVE-2025-23330, CVE-2025-23332, CVE-2025-23345 Control: tag -11 + wontfix Control: found -1 340.24-1 Control: found -1 343.22-1 Control: found -1 396.18-1 Control: found -1 430.14-1 Control: found -1 455.23.04-1 Control: found -1 465.24.02-1 Control: found -1 495.44-1 Control: found -1 515.48.07-1 Control: found -1 520.56.06-1 Control: found -1 525.53-1 Control: found -1 530.30.02-1 Control: found -1 535.43.02-1 Control: found -1 545.23.06-1 Control: found -1 550.40.07-1 Control: found -1 555.42.02-1 Control: found -1 560.28.03-1 Control: found -1 565.57.01-1 Control: found -1 570.86.16-1 Control: found -1 575.51.02-1 Control: found -1 580.65.06-1
https://nvidia.custhelp.com/app/answers/detail/a_id/5703 CVE-2025-23309 NVIDIA Display Driver contains a vulnerability where an uncontrolled DLL loading path might lead to arbitrary denial of service, escalation of privileges, code execution, and data tampering. CVE-2025-23347 NVIDIA Project G-Assist contains a vulnerability where an attacker might be able to escalate permissions. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, and information disclosure. CVE-2025-23280 NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use-after-free. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, and information disclosure. CVE-2025-23282 NVIDIA Display Driver for Linux contains a vulnerability where an attacker might be able to use a race condition to escalate privileges. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, and information disclosure. CVE-2025-23300 NVIDIA Display Driver for Linux contains a vulnerability in the kernel driver, where a user could cause a null pointer dereference by allocating a specific memory resource. A successful exploit of this vulnerability might lead to denial of service. CVE-2025-23330 NVIDIA Display Driver for Linux contains a vulnerability where an attacker might be able to cause a null pointer dereference. A successful exploit of this vulnerability might lead to denial of service. CVE-2025-23332 NVIDIA Display Driver for Linux contains a vulnerability in a kernel module, where an attacker might be able to cause a null pointer deference. A successful exploit of this vulnerability might lead to denial of service. CVE-2025-23345 NVIDIA Display Driver for Windows and Linux contains a vulnerability in a video decoder, where an attacker might cause an out-of-bounds read. A successful exploit of this vulnerability might lead to information disclosure or denial of service. Linux Driver Branch CVEs Addressed R580, R570, R535 CVE-2025-23280, CVE-2025-23282, CVE-2025-23300, CVE-2025-23330, CVE-2025-23332, CVE-2025-23345 Driver Branch Affected Driver Versions Updated Driver Version R580 All driver versions prior to 580.95.05 580.95.05 R570 All driver versions prior to 570.195.03 570.195.03 R535 All driver versions prior to 535.274.02 535.274.02 Andreas
