Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Tue, 07 Jul 2026 20:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Out‑of‑Bounds Write in NVIDIA ConnectX and BlueField Virtual Function Command Interface Leading to Local Arbitrary Code Execution |
Tue, 07 Jul 2026 03:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Out‑of‑Bounds Write in NVIDIA ConnectX and BlueField Virtual Function Command Interface Leading to Local Arbitrary Code Execution |
Mon, 06 Jul 2026 15:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Buffer Overflow in NVIDIA ConnectX/BlueField VF Command Interface Enables Local Code Execution |
Mon, 06 Jul 2026 03:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Buffer Overflow in NVIDIA ConnectX/BlueField VF Command Interface Enables Local Code Execution |
Sun, 05 Jul 2026 11:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Local Arbitrary Code Execution via Out-of-Bounds Write in NVIDIA ConnectX and BlueField VF Command Interface |
Sat, 04 Jul 2026 22:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Local Arbitrary Code Execution via Out-of-Bounds Write in NVIDIA ConnectX and BlueField VF Command Interface |
Sat, 04 Jul 2026 14:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Vulnerable VF Command Interface Allows Local Arbitrary Code Execution on NVIDIA ConnectX and BlueField Devices |
Sat, 04 Jul 2026 07:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Vulnerable VF Command Interface Allows Local Arbitrary Code Execution on NVIDIA ConnectX and BlueField Devices |
Fri, 03 Jul 2026 23:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | NVIDIA ConnectX and BlueField Devices Vulnerable to Local Out-of-Bounds Write Leading to Arbitrary Code Execution |
Fri, 03 Jul 2026 08:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | NVIDIA ConnectX and BlueField Devices Vulnerable to Local Out-of-Bounds Write Leading to Arbitrary Code Execution |
Thu, 02 Jul 2026 16:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Local Virtual Function Vulnerability Permits Arbitrary Code Execution |
Thu, 02 Jul 2026 05:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Local Virtual Function Vulnerability Permits Arbitrary Code Execution |
Wed, 01 Jul 2026 23:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | VF Command Interface Out‑of‑Bounds Write Enables Local Arbitrary Code Execution |
Wed, 01 Jul 2026 20:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | VF Command Interface Out‑of‑Bounds Write Enables Local Arbitrary Code Execution |
Wed, 01 Jul 2026 16:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Wed, 01 Jul 2026 15:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | NVIDIA ConnectX and BlueField contain a vulnerability in the command interface where a local user with virtual function (VF) access may cause a write out of bounds by crafted input. A successful exploit of this vulnerability may lead to arbitrary code execution on the device. | |
| Weaknesses | CWE-787 | |
| References |
| |
| Metrics |
cvssV3_1
|
Subscriptions
No data.
Status: PUBLISHED
Assigner: nvidia
Published:
Updated: 2026-07-01T16:03:10.537Z
Reserved: 2025-01-14T01:07:21.737Z
Link: CVE-2025-23351
Updated: 2026-07-01T16:03:06.715Z
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-07T20:30:04Z