CVE-2025-23280

Public on 2025-10-01
Modified on 2025-10-13
Description
NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use-after-free. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, and information disclosure.
Severity
Important severity
Important
See what this means
CVSS v3 Base Score
7.8
See breakdown

Affected Packages

Platform Package Release Date Advisory Status
Amazon Linux 2023 cuda-compat 2025-11-05 ALAS2023NVIDIA-2025-255 Fixed
Amazon Linux 2023 cuda-cuobjdump-13-0 2025-09-29 ALAS2023NVIDIA-2025-143 Fixed
Amazon Linux 2023 cuda-cuobjdump-13-0 2025-10-14 ALAS2023NVIDIA-2025-185 Fixed
Amazon Linux 2023 cuda-drivers 2025-11-05 ALAS2023NVIDIA-2025-254 Fixed
Amazon Linux 2023 kmod-nvidia-latest-dkms 2025-11-05 ALAS2023NVIDIA-2025-253 Fixed
Amazon Linux 2023 kmod-nvidia-open-dkms 2025-11-05 ALAS2023NVIDIA-2025-252 Fixed
Amazon Linux 2023 libnvidia-nscq 2025-11-05 ALAS2023NVIDIA-2025-250 Fixed
Amazon Linux 2023 libnvsdm 2025-11-05 ALAS2023NVIDIA-2025-249 Fixed
Amazon Linux 2023 nvidia-driver 2025-11-05 ALAS2023NVIDIA-2025-251 Fixed
Amazon Linux 2023 nvidia-fabricmanager 2025-11-05 ALAS2023NVIDIA-2025-248 Fixed
Amazon Linux 2023 nvidia-imex 2025-11-05 ALAS2023NVIDIA-2025-247 Fixed
Amazon Linux 2023 nvidia-kmod-common 2025-11-05 ALAS2023NVIDIA-2025-246 Fixed
Amazon Linux 2023 nvidia-modprobe 2025-11-05 ALAS2023NVIDIA-2025-244 Fixed
Amazon Linux 2023 nvidia-open 2025-11-05 ALAS2023NVIDIA-2025-243 Fixed
Amazon Linux 2023 nvidia-persistenced 2025-11-05 ALAS2023NVIDIA-2025-242 Fixed
Amazon Linux 2023 nvidia-settings 2025-11-05 ALAS2023NVIDIA-2025-245 Fixed
Amazon Linux 2023 nvidia-xconfig 2025-11-05 ALAS2023NVIDIA-2025-241 Fixed
Amazon Linux 2023 nvlink5 2025-11-05 ALAS2023NVIDIA-2025-240 Fixed
Amazon Linux 2023 nvlink5-580 2025-11-05 ALAS2023NVIDIA-2025-239 Fixed

CVSS Scores

Score Type Score Vector
Amazon Linux CVSSv3 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

FAQs regarding Amazon Linux ALAS/CVE Severity Red Hat: CVE-2025-23280 Mitre: CVE-2025-23280