Nixpkgs Security Tracker

Login with GitHub

Suggestion detail

Untriaged
Permalink CVE-2025-33220
7.8 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 1 month, 3 weeks ago
NVIDIA vGPU software contains a vulnerability in the Virtual GPU …

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause heap memory access after the memory is freed. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or information disclosure.

References

Affected products

Tesla
  • ==All driver versions prior to 580.126.09
  • ==All driver versions prior to 535.288.01
  • ==All driver versions prior to 590.48.01
  • ==All driver versions prior to 570.211.01
GeForce
  • ==All driver versions prior to 580.126.09
  • ==All driver versions prior to 535.288.01
  • ==All driver versions prior to 590.48.01
  • ==All driver versions prior to 570.211.01
Virtual GPU Manager
  • ==570.195.02(All versions prior to and including vGPU software 18.5)
  • ==535.274.03(All versions prior to and including vGPU software 16.13)
  • ==580.105.06(All versions prior to and including vGPU software 19.3)
RTX PRO, RTX, Quadro
  • ==All driver versions prior to 580.126.09
  • ==All driver versions prior to 535.288.01
  • ==All driver versions prior to 590.48.01
  • ==All driver versions prior to 570.211.01

Matching in nixpkgs

Package maintainers