CVE-2025-23273

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-23273
NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvJPEG where a local authenticated user may cause a divide by zero error by submitting a specially crafted JPEG file. A successful exploit of this vulnerability may lead to denial of service.

2.5 /10

CVSS v3 : LOW

V3 Legend

Vector :

Exploitability : 1.0 / Impact : 1.4

Attack Vector LOCAL

Attack Complexity HIGH

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

References
Link Resource
https://nvd.nist.gov/vuln/detail/CVE-2025-23273 Technical Description
https://nvidia.custhelp.com/app/answers/detail/a_id/5661 Vendor Advisory
https://www.cve.org/CVERecord?id=CVE-2025-23273 Third Party Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:nvidia:cuda_toolkit:*:*:*:*:*:*:*:*
OR cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:a:nvidia:nvjpeg:-:*:*:*:*:*:*:*
OR cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:o:nvidia:driveos:-:*:*:*:*:*:*:*
cpe:2.3:o:nvidia:linux_for_tegra:-:*:*:*:*:*:*:*
History

06 Oct 2025, 14:55

Type Values Removed Values Added
First Time Nvidia
Linux
Microsoft
Nvidia linux For Tegra
Microsoft windows
Nvidia cuda Toolkit
Nvidia driveos
Linux linux Kernel
Nvidia nvjpeg
References () https://nvd.nist.gov/vuln/detail/CVE-2025-23273 - () https://nvd.nist.gov/vuln/detail/CVE-2025-23273 - Technical Description
References () https://nvidia.custhelp.com/app/answers/detail/a_id/5661 - () https://nvidia.custhelp.com/app/answers/detail/a_id/5661 - Vendor Advisory
References () https://www.cve.org/CVERecord?id=CVE-2025-23273 - () https://www.cve.org/CVERecord?id=CVE-2025-23273 - Third Party Advisory
CPE cpe:2.3:a:nvidia:nvjpeg:-:*:*:*:*:*:*:*
cpe:2.3:o:nvidia:driveos:-:*:*:*:*:*:*:*
cpe:2.3:a:nvidia:cuda_toolkit:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:nvidia:linux_for_tegra:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

24 Sep 2025, 14:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-09-24 14:15

Updated : 2025-10-06 14:55

NVD link : CVE-2025-23273

Mitre link : CVE-2025-23273

CVE.ORG link : CVE-2025-23273

JSON object : View

Products Affected

nvidia

  • nvjpeg
  • driveos
  • linux_for_tegra
  • cuda_toolkit

microsoft

  • windows

linux

  • linux_kernel
CWE
CWE-369

Divide By Zero