Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

SUSE: Important Security Update for NVIDIA Open Driver CVE-2025-23277

suse
Calendar Grey September 17, 2025
Dist Suse Esm H88
The latest release of nvidia-open-driver-G06-signed addresses several critical vulnerabilities, such as memory handling errors and potential buffer overflow hazards.
* bsc#1237208 * bsc#1247528 * bsc#1247529 * bsc#1247530 * bsc#1247531

Summary

## This update for nvidia-open-driver-G06-signed fixes the following issues: Updated CUDA variant to 580.82.07: * CVE-2025-23277: Fixed access to memory outside bounds permitted under normal use cases in NVIDIA Display Driver (bsc#1247528). * CVE-2025-23278: Fixed improper index validation by issuing a call with crafted parameters in NVIDIA Display Driver (bsc#1247529). * CVE-2025-23286: Fixed invalid memory read in NVIDIA GPU Display Driver (bsc#1247530). * CVE-2025-23283: Fixed stack buffer overflow triggerable by a malicious guest in Virtual GPU Manager in NVIDIA vGPU software (bsc#1247531). * CVE-2025-23279: Fixed race condition that leads to privileges escalations in NVIDIA .run Installer (bsc#1247532). Update non-CUDA variant to 580.82.07 (bsc#1249235). Other fixes:

Topics%20covered

Topics Covered

security advisory buffer overflow SuSE important memory access nvidia

References

* bsc#1237208

* bsc#1247528

* bsc#1247529

* bsc#1247530

* bsc#1247531

* bsc#1247532

* bsc#1247907

* bsc#1247923

* bsc#1249235

* jsc#PED-13295

Cross-

* CVE-2025-23277

* CVE-2025-23278

* CVE-2025-23279

* CVE-2025-23283

* CVE-2025-23286

CVSS scores:

* CVE-2025-23277 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

* CVE-2025-23277 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

* CVE-2025-23278 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

* CVE-2025-23278 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

* CVE-2025-23279 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2025-23279 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2025-23283 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2025:03246-1
Release Date: 2025-09-17T11:11:24Z
Rating: important

Topics%20covered

Topics Covered

security advisory buffer overflow SuSE important memory access nvidia

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here