Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

SUSE nvidia-open-driver-G06 Critical Buffer Overflow Privilege Escalation

suse
Calendar Grey September 29, 2025
Dist Suse Esm H88
SUSE's important update for nvidia-open-driver-G06-signed aims to fix significant security issues and enhance system integrity.
* bsc#1236658 * bsc#1236746 * bsc#1237208 * bsc#1237308 * bsc#1237585

Summary

## This update for nvidia-open-driver-G06-signed fixes the following issues: Updated CUDA variant to 580.82.07: * CVE-2025-23277: Fixed access memory outside bounds permitted under normal use cases in NVIDIA Display Driver (bsc#1247528). * CVE-2025-23278: Fixed improper index validation by issuing a call with crafted parameters in NVIDIA Display Driver (bsc#1247529). * CVE-2025-23286: Fixed invalid memory read in NVIDIA GPU Display Driver (bsc#1247530). * CVE-2025-23283: Fixed stack buffer overflow triggerable by a malicious guest in Virtual GPU Manager in NVIDIA vGPU software (bsc#1247531). * CVE-2025-23279: Fixed race condition that lead to privileges escalations in NVIDIA .run Installer (bsc#1247532). Update non-CUDA variant to 580.82.07 (bsc#1249235). Other fixes:

Topics%20covered

Topics Covered

security advisory buffer overflow SuSE privilege escalation important nvidia-open-driver

References

* bsc#1236658

* bsc#1236746

* bsc#1237208

* bsc#1237308

* bsc#1237585

* bsc#1239139

* bsc#1239653

* bsc#1241231

* bsc#1242054

* bsc#1243192

* bsc#1244614

* bsc#1246010

* bsc#1246327

* bsc#1247528

* bsc#1247529

* bsc#1247530

* bsc#1247531

* bsc#1247532

* bsc#1247907

* bsc#1247923

* bsc#1249235

* jsc#PED-13295

Cross-

* CVE-2025-23277

* CVE-2025-23278

* CVE-2025-23279

* CVE-2025-23283

* CVE-2025-23286

CVSS scores:

* CVE-2025-23277 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

* CVE-2025-23277 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

* CVE-2025-23278 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

* CVE-2025-23278 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2025:03424-1
Release Date: 2025-09-29T09:02:01Z
Rating: important

Topics%20covered

Topics Covered

security advisory buffer overflow SuSE privilege escalation important nvidia-open-driver

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here