Primary

Context

NVIDIA nvJPEG Library Out-of-Bounds Read Vulnerability Allowing Information Disclosure or Denial-of-Service

Vulnerability

A vulnerability in the NVIDIA nvJPEG library allows an attacker to cause an out-of-bounds read by using a specially crafted JPEG file. Exploiting this vulnerability could lead to information disclosure or a denial-of-service condition.

Impact

Exploitation of this vulnerability could result in unauthorized information disclosure or a denial-of-service condition, causing a disruption in service or application functionality.

Remediation

Users are advised to upgrade to NVIDIA CUDA Toolkit 13.0 or CUDA Toolkit 12.9 Update 1. The latest version of the CUDA Toolkit can be downloaded from the NVIDIA Developer website. For more information, visit the NVIDIA Product Security page.

Added: Sep 24, 2025, 2:29 PM

Updated: Sep 24, 2025, 9:47 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

3.1

exploitability

7.4

remediation

7.7

relevance

0.6

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

3.1

exploitability

7.4

remediation

7.7

relevance

0.6

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

NVIDIA nvJPEG Library Out-of-Bounds Read Vulnerability Allowing Information Disclosure or Denial-of-Service

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating