
NVIDIA ConnectX CVE-2025-23350

EUVD: EUVD-2025-210395 | CRITICAL
Out-of-bounds Write (CWE-787)
2026-07-01 nvidia GHSA-3qrx-5p8c-85ff
9.0
CVSS 3.1 · Vendor: nvidia

Severity by source

Vendor (nvidia) PRIMARY
9.0 CRITICAL
AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
vuln.today AI
9.0 CRITICAL

VF access represents the guest/device boundary (AV:A) with low privilege (PR:L); the out-of-bounds write yields device code execution that crosses into the host (S:C, C/I/A:H).

CVSS 3.1: AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CVSS 4.0: AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Primary rating from Vendor (nvidia).

CVSS Vector (Vendor: nvidia)

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Attack Vector: Adjacent
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Changed
Confidentiality: High
Integrity: High
Availability: High

Lifecycle Timeline

Analysis Generated: Jul 01, 2026 - 16:00 (vuln.today)

Description (CVE.org)

NVIDIA ConnectX and BlueField contain a vulnerability in the command interface where a local user with virtual function (VF) access may cause a write out of bounds by crafted input. A successful exploit of this vulnerability may lead to arbitrary code execution on the device.

Analysis (AI)

Out-of-bounds write in the command interface of NVIDIA ConnectX network adapters and BlueField DPUs allows a local user holding an assigned virtual function (VF) to corrupt device memory via crafted input, potentially achieving arbitrary code execution on the device itself. Because the flaw sits at the firmware command interface reachable from an SR-IOV guest, a successful exploit crosses the guest/device trust boundary (CVSS scope-changed, base 9.0) and can compromise the host that owns the adapter. This is a vendor-reported issue with no public exploit identified at time of analysis and no CISA KEV listing.

Technical Context (AI)

ConnectX is NVIDIA/Mellanox's family of high-speed Ethernet/InfiniBand network interface cards, and BlueField is the associated Data Processing Unit (DPU/SmartNIC) that embeds ConnectX networking with Arm cores. Both expose a hardware command interface used to issue control operations to the device firmware. Under SR-IOV, the adapter presents virtual functions (VFs) that can be assigned to guest VMs or unprivileged contexts; the command interface reachable through a VF is the attack surface here. The root cause is CWE-787 (Out-of-bounds Write): the firmware fails to properly validate the size or bounds of attacker-supplied command input, so crafted data writes past the intended buffer, corrupting adjacent memory. Affected build trains per NVIDIA CPE data are ConnectX GA, LTS22, LTS23, LTS24 and BlueField GA, LTS22, LTS23, LTS24.

Remediation (AI)

Patch available per vendor advisory: apply the fixed firmware/driver for your specific ConnectX or BlueField branch (GA, LTS22, LTS23, or LTS24) as published by NVIDIA at https://github.com/NVIDIA/product-security/tree/main/2026/5699. The input data does not include exact fixed version numbers, so confirm the target build directly from that advisory before deploying. Until patched, reduce exposure by not assigning virtual functions to untrusted or multi-tenant guests, since the exploit prerequisite is VF access. Where SR-IOV passthrough to untrusted VMs is not operationally required, disable it and use paravirtualized networking instead, accepting the throughput/latency trade-off. Where VFs must be exposed, restrict them to trusted workloads only and monitor for anomalous device command-interface behavior. These are compensating controls that do not remove the underlying flaw.
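To find where the VF exposure described above actually exists on a Linux host, the following added example (not from NVIDIA's advisory or this page's source data) inventories physical functions with SR-IOV enabled and counts VFs bound to `vfio-pci`. It assumes the Mellanox/NVIDIA networking PCI vendor ID `0x15b3` and treats a `vfio-pci` binding as the sign of a VF staged for guest passthrough; the function name `audit_sriov` is hypothetical.

```bash
#!/usr/bin/env bash
# Added example: inventory SR-IOV exposure on NVIDIA/Mellanox adapters.
#
# audit_sriov [PCI_DEVICES_DIR]
#   Prints "<BDF> numvfs=<n> vfio=<m>" for every vendor-0x15b3 physical
#   function (PF) that currently has VFs enabled.
#   Returns 1 if any VF is bound to vfio-pci, otherwise 0.
#
# Assumption: a VF bound to vfio-pci is staged for passthrough to a guest.
# VFs left on the host driver can still be delegated (for example into a
# container network namespace), so review every PF that is listed.
audit_sriov() {
    local root="${1:-/sys/bus/pci/devices}"
    local dev vf drv numvfs vfio flagged=0

    for dev in "$root"/*; do
        # Only PFs with the SR-IOV capability expose sriov_numvfs.
        [ -r "$dev/vendor" ] && [ -r "$dev/sriov_numvfs" ] || continue
        [ "$(cat "$dev/vendor")" = "0x15b3" ] || continue

        numvfs=$(cat "$dev/sriov_numvfs")
        [ "$numvfs" -gt 0 ] 2>/dev/null || continue

        vfio=0
        # Each enabled VF appears under its PF as a virtfn<N> symlink.
        for vf in "$dev"/virtfn*; do
            [ -L "$vf/driver" ] || continue      # no driver bound to this VF
            drv=$(readlink "$vf/driver")
            if [ "${drv##*/}" = "vfio-pci" ]; then
                vfio=$((vfio + 1))
            fi
        done

        printf '%s numvfs=%s vfio=%s\n' "${dev##*/}" "$numvfs" "$vfio"
        if [ "$vfio" -gt 0 ]; then
            flagged=1
        fi
    done
    return "$flagged"
}
```

Called with no argument, `audit_sriov` reads the live `/sys/bus/pci/devices` tree; the non-zero return makes it usable as a gate in a host compliance check until the fixed firmware is deployed.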
