CVE-2025-23330

Description

NVIDIA Display Driver for Linux contains a vulnerability where an attacker might be able to trigger a null pointer dereference. A successful exploit of this vulnerability might lead to denial of service.

How to fix CVE-2025-23330

To remediate CVE-2025-23330, upgrade the affected package to a fixed version below.

• Debian/nvidia-graphics-drivers—no fix listed
• Debian/nvidia-graphics-drivers-legacy-390xx—no fix listed
• —upgrade to 525.147.05-6 or later
• —no fix listed
• —upgrade to 450.248.02-4 or later
• —upgrade to 460.106.00-3 or later
• —no fix listed
• —no fix listed
• —no fix listed

Is CVE-2025-23330 being exploited?

Low — EPSS is 0.0%, meaning exploitation activity has not been observed at scale.

Affected packages (9)

• from 0
• from 0
• from 0, < 525.147.05-6
• from 0
• from 0, < 450.248.02-4
• from 0, < 460.106.00-3
• from 0
• from 0
• from 0

CVSS scores

References (1)

• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2025-23330