Alerts This Week
Warning Icon 1 905
Alerts This Week
Warning Icon 1 905

openSUSE 15.6: Nvidia Important Update CVE-2025-23277 Buffer Overflow

opensuse
Calendar Grey September 17, 2025
Dist Opensuse Esm H88
Address pressing concerns in Nvidia drivers through the most recent major update for openSUSE, while prioritizing system security.
An update that solves five vulnerabilities, contains one feature and has four security fixes can now be installed.

Description

This update for nvidia-open-driver-G06-signed fixes the following issues:

Updated CUDA variant to 580.82.07:

* CVE-2025-23277: Fixed access to memory outside bounds permitted under normal

use cases in NVIDIA Display Driver (bsc#1247528).

* CVE-2025-23278: Fixed improper index validation by issuing a call with

crafted parameters in NVIDIA Display Driver (bsc#1247529).

* CVE-2025-23286: Fixed invalid memory read in NVIDIA GPU Display Driver

(bsc#1247530).

* CVE-2025-23283: Fixed stack buffer overflow triggerable by a malicious guest

in Virtual GPU Manager in NVIDIA vGPU software (bsc#1247531).

* CVE-2025-23279: Fixed race condition that leads to privileges escalations in

NVIDIA .run Installer (bsc#1247532).

Update non-CUDA variant to 580.82.07 (bsc#1249235).

Other fixes:

* Added Requires to be provided by special versions of nvidia-modprobe and

nvidia-persitenced built against SP4 (bsc#1237208, jsc#PED-13295).

* Get rid of rule of older KMPs...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory buffer overflow important memory access OpenSUSE nvidia-open-driver

Patch

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like

YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6

zypper in -t patch SUSE-2025-3247=1 openSUSE-SLE-15.6-2025-3247=1

* Basesystem Module 15-SP6

zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-3247=1

* Public Cloud Module 15-SP6

zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2025-3247=1

* Public Cloud Module 15-SP7

zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP7-2025-3247=1

Package List

* openSUSE Leap 15.6 (x86_64)

* nvidia-open-driver-G06-signed-kmp-azure-debuginfo-580.82.07_k6.4.0_150600.8.48-150600.3.63.1

* nvidia-open-driver-G06-signed-cuda-kmp-azure-debuginfo-580.82.07_k6.4.0_150600.8.48-150600.3.63.1

* nvidia-open-driver-G06-signed-cuda-azure-devel-580.82.07-150600.3.63.1

* nvidia-open-driver-G06-signed-azure-devel-580.82.07-150600.3.63.1

* nvidia-open-driver-G06-signed-kmp-azure-580.82.07_k6.4.0_150600.8.48-150600.3.63.1

* nvidia-open-driver-G06-signed-cuda-kmp-azure-580.82.07_k6.4.0_150600.8.48-150600.3.63.1

* openSUSE Leap 15.6 (aarch64 x86_64)

* nvidia-open-driver-G06-signed-cuda-debugsource-580.82.07-150600.3.63.1

* nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-580.82.07_k6.4.0_150600.23.65-150600.3.63.1

* nvidia-open-driver-G06-signed-kmp-default-580.82.07_k6.4.0_150600.23.65-150600.3.63.1

* nvidia-open-driver-G06-signed-cuda-kmp-default-580.82.07_k6.4.0_150600.23.65-150600.3.63.1

* nvidia-open-driver-G06-signed-default-devel-580.82.07-150600.3.63.1

*...

Read the Full Advisory

References

* bsc#1237208

* bsc#1247528

* bsc#1247529

* bsc#1247530

* bsc#1247531

* bsc#1247532

* bsc#1247907

* bsc#1247923

* bsc#1249235

* jsc#PED-13295

## References:

* https://www.suse.com/security/cve/CVE-2025-23277.html

* https://www.suse.com/security/cve/CVE-2025-23278.html

* https://www.suse.com/security/cve/CVE-2025-23279.html

* https://www.suse.com/security/cve/CVE-2025-23283.html

* https://www.suse.com/security/cve/CVE-2025-23286.html

* https://bugzilla.suse.com/show_bug.cgi?id=1237208

* https://bugzilla.suse.com/show_bug.cgi?id=1247528

* https://bugzilla.suse.com/show_bug.cgi?id=1247529

* https://bugzilla.suse.com/show_bug.cgi?id=1247530

* https://bugzilla.suse.com/show_bug.cgi?id=1247531

* https://bugzilla.suse.com/show_bug.cgi?id=1247532

* https://bugzilla.suse.com/show_bug.cgi?id=1247907

* https://bugzilla.suse.com/show_bug.cgi?id=1247923

* https://bugzilla.suse.com/show_bug.cgi?id=1249235

* https://jira.suse.com/login.jsp?permissionViolation=true&os_destination=%2Fbrowse%2FPED-13295&page_caps=&user_role=

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2025:03247-1
Release Date: 2025-09-17T11:11:45Z
Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * Public Cloud Module 15-SP6 * Public Cloud Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7

Topics%20covered

Topics Covered

security advisory buffer overflow important memory access OpenSUSE nvidia-open-driver

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here