NVIDIA nvJPEG contains a vulnerability in jpeg encoding where a user may cause an out-of-bounds read by providing a maliciously crafted input image with dimensions that cause integer overflows in array index calculations. A successful exploit of this vulnerability may lead to denial of service.
Metrics
Affected Vendors & Products
| Vendors | Products |
|---|---|
| Nvidia |
|
No data.
No data.
References
History
Thu, 25 Sep 2025 08:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Nvidia
Nvidia cuda Toolkit Nvidia nvjpeg |
|
| Vendors & Products |
Nvidia
Nvidia cuda Toolkit Nvidia nvjpeg |
Wed, 24 Sep 2025 19:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Wed, 24 Sep 2025 13:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | NVIDIA nvJPEG contains a vulnerability in jpeg encoding where a user may cause an out-of-bounds read by providing a maliciously crafted input image with dimensions that cause integer overflows in array index calculations. A successful exploit of this vulnerability may lead to denial of service. | |
| Weaknesses | CWE-125 | |
| References |
| |
| Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: nvidia
Published:
Updated: 2025-09-24T18:45:23.273Z
Reserved: 2025-01-14T01:06:24.332Z
Link: CVE-2025-23274
Vulnrichment
Updated: 2025-09-24T18:45:20.251Z
NVD
Status : Awaiting Analysis
Published: 2025-09-24T14:15:47.507
Modified: 2025-09-24T18:11:24.520
Link: CVE-2025-23274
Redhat
No data.