CVE-2025-23244

Public on 2025-04-30

Modified on 2025-04-30

Description

NVIDIA GPU Display Driver for Linux contains a vulnerability which could allow an unprivileged attacker to escalate permissions. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.

Severity

Important

CVSS v3 Base Score

7.8

See breakdown

Affected Packages

Platform	Package	Release Date	Advisory	Status
Amazon Linux 2023	cuda-compat	2025-05-07	ALAS2023NVIDIA-2025-072	Fixed
Amazon Linux 2023	cuda-drivers	2025-05-07	ALAS2023NVIDIA-2025-071	Fixed
Amazon Linux 2023	kmod-nvidia-latest-dkms	2025-05-07	ALAS2023NVIDIA-2025-070	Fixed
Amazon Linux 2023	kmod-nvidia-open-dkms	2025-05-07	ALAS2023NVIDIA-2025-069	Fixed
Amazon Linux 2023	libnvidia-nscq-570	2025-05-07	ALAS2023NVIDIA-2025-067	Fixed
Amazon Linux 2023	libnvsdm-570	2025-05-07	ALAS2023NVIDIA-2025-066	Fixed
Amazon Linux 2023	nvidia-driver	2025-05-07	ALAS2023NVIDIA-2025-068	Fixed
Amazon Linux 2023	nvidia-fabric-manager	2025-05-07	ALAS2023NVIDIA-2025-065	Fixed
Amazon Linux 2023	nvidia-imex-570	2025-05-07	ALAS2023NVIDIA-2025-064	Fixed
Amazon Linux 2023	nvidia-kmod-common	2025-05-07	ALAS2023NVIDIA-2025-063	Fixed
Amazon Linux 2023	nvidia-modprobe	2025-05-07	ALAS2023NVIDIA-2025-062	Fixed
Amazon Linux 2023	nvidia-open	2025-05-07	ALAS2023NVIDIA-2025-061	Fixed
Amazon Linux 2023	nvidia-persistenced	2025-05-07	ALAS2023NVIDIA-2025-060	Fixed

CVSS Scores

	Score Type	Score	Vector
Amazon Linux	CVSSv3	7.8	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
NVD	CVSSv3	7.8	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

Red Hat: CVE-2025-23244 Mitre: CVE-2025-23244