CVE-2025-23279

High CVSS 7.0

Overview

NVIDIA .run Installer for Linux and Solaris contains a vulnerability where an attacker could use a race condition to escalate privileges. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, denial of service, or data tampering.

CWE: CWE-367 Published: 2025-08-02T22:15:44.830

Risk analysis

This vulnerability is rated 🟠 HIGH.

CVSS: 7.0 (HIGH)
Detected tags: dos, info_leak, race (tag impact: VERY HIGH)

Recommended actions:

Rate limiting, resource quotas and circuit breakers.
Reduce verbose errors, remove debug endpoints, minimize PII in logs.
Patch/upgrade immediately (remote code execution).
Reduce exposure (WAF/segmentation), minimize attack surface.

Overview

Recommended tools

Tags