CVE-2025-23280

NameCVE-2025-23280
DescriptionNVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use-after-free. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, and information disclosure.
SourceCVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs1118679, 1118680, 1118681, 1118682, 1118683, 1118684, 1118685, 1118686, 1118687, 1118688, 1118689

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
nvidia-graphics-drivers (PTS)bullseye/non-free470.256.02-2vulnerable
bookworm/non-free-firmware535.247.01-1~deb12u1vulnerable
trixie/non-free-firmware550.163.01-2vulnerable
forky/non-free-firmware, sid/non-free-firmware550.163.01-3vulnerable
nvidia-graphics-drivers-legacy-340xx (PTS)sid/non-free340.108-26vulnerable
nvidia-graphics-drivers-legacy-390xx (PTS)bullseye/non-free390.157-1~deb11u1vulnerable
sid/non-free390.157-14vulnerable
nvidia-graphics-drivers-tesla (PTS)bookworm/non-free-firmware525.147.05-15~deb12u1fixed
sid/non-free-firmware525.147.05-17fixed
nvidia-graphics-drivers-tesla-418 (PTS)bullseye/non-free418.226.00-6~deb11u2vulnerable
sid/non-free418.226.00-20vulnerable
nvidia-graphics-drivers-tesla-450 (PTS)bullseye/non-free450.248.02-7~deb11u1fixed
sid/non-free450.248.02-12fixed
nvidia-graphics-drivers-tesla-460 (PTS)bullseye/non-free460.106.00-17~deb11u1fixed
sid/non-free460.106.00-22fixed
nvidia-graphics-drivers-tesla-470 (PTS)bullseye/non-free470.256.02-1~deb11u2vulnerable
bookworm/non-free470.256.02-1~deb12u1vulnerable
sid/non-free470.256.02-8vulnerable
nvidia-graphics-drivers-tesla-535 (PTS)bookworm/non-free-firmware535.216.03-3~deb12u1vulnerable
trixie/non-free-firmware535.261.03-1vulnerable
forky/non-free-firmware, sid/non-free-firmware535.274.02-1fixed
nvidia-graphics-drivers-tesla-550 (PTS)sid/non-free-firmware550.54.15-3vulnerable
nvidia-open-gpu-kernel-modules (PTS)bookworm/contrib535.247.01-1~deb12u1vulnerable
trixie/contrib550.163.01-2vulnerable
forky/contrib, sid/contrib550.163.01-3vulnerable

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
nvidia-graphics-driverssource(unstable)(unfixed)1118679
nvidia-graphics-drivers-legacy-340xxsource(unstable)(unfixed)1118680
nvidia-graphics-drivers-legacy-390xxsource(unstable)(unfixed)1118681
nvidia-graphics-drivers-teslasource(unstable)525.147.05-61118686
nvidia-graphics-drivers-tesla-418source(unstable)(unfixed)1118682
nvidia-graphics-drivers-tesla-450source(unstable)450.248.02-41118683
nvidia-graphics-drivers-tesla-460source(unstable)460.106.00-31118684
nvidia-graphics-drivers-tesla-470source(unstable)(unfixed)1118685
nvidia-graphics-drivers-tesla-535sourceexperimental535.261.03-1
nvidia-graphics-drivers-tesla-535source(unstable)535.274.02-11118688
nvidia-graphics-drivers-tesla-550source(unstable)(unfixed)1118689
nvidia-open-gpu-kernel-modulessource(unstable)(unfixed)1118687

Notes

[trixie] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
[bookworm] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
[bullseye] - nvidia-graphics-drivers-legacy-390xx <ignored> (Non-free not supported)
[bullseye] - nvidia-graphics-drivers-tesla-418 <ignored> (Non-free not supported)
450.248.02-4 turned the package into a metapackage to aid switching to nvidia-graphics-drivers-tesla-470
460.106.00-3 turned the package into a metapackage to aid switching to nvidia-graphics-drivers-tesla-470
[bookworm] - nvidia-graphics-drivers-tesla-470 <no-dsa> (Non-free not supported)
[bullseye] - nvidia-graphics-drivers-tesla-470 <ignored> (Non-free not supported)
525.147.05-6 turned the package into a metapackage to aid switching to nvidia-graphics-drivers
[trixie] - nvidia-open-gpu-kernel-modules <no-dsa> (Contrib not supported)
[bookworm] - nvidia-open-gpu-kernel-modules <no-dsa> (Contrib not supported)
[trixie] - nvidia-graphics-drivers-tesla-535 <no-dsa> (Non-free not supported)
[bookworm] - nvidia-graphics-drivers-tesla-535 <no-dsa> (Non-free not supported)
https://nvidia.custhelp.com/app/answers/detail/a_id/5703
https://blog.quarkslab.com/nvidia_gpu_kernel_vmalloc_exploit.html
Search for package or bug name: Reporting problems