CVE-2025-23350
Severity CVSS v4.0:
Pending analysis
Type:
CWE-787
Out-of-bounds Write
Publication date:
01/07/2026
Last modified:
01/07/2026
Description
NVIDIA ConnectX and BlueField contain a vulnerability in the command interface where a local user with virtual function (VF) access may cause a write out of bounds by crafted input. A successful exploit of this vulnerability may lead to arbitrary code execution on the device.
Impact
Base Score 3.x
9.00
Severity 3.x
CRITICAL



