Bluefield Lts22

2 CVEs product

CVE-2025-23351 CRITICAL Act Now

Out-of-bounds write in the command interface of NVIDIA ConnectX SmartNICs and BlueField DPUs allows a local user holding virtual function (VF) access - typically a tenant inside a guest VM - to corrupt device memory via crafted input and potentially achieve arbitrary code execution on the network device itself. Because the CVSS scope is Changed (S:C), a successful exploit crosses the VF isolation boundary and threatens the host and other tenants, making this a serious multi-tenant/cloud isolation-breakout risk. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.

RCE Buffer Overflow Memory Corruption Nvidia Bluefield Ga +9
NVD GitHub
CVSS 3.1: 9.0
EPSS: 0.3%
CVE-2025-23350 CRITICAL Act Now

Out-of-bounds write in the command interface of NVIDIA ConnectX network adapters and BlueField DPUs allows a local user holding an assigned virtual function (VF) to corrupt device memory via crafted input, potentially achieving arbitrary code execution on the device itself. Because the flaw sits at the firmware command interface reachable from an SR-IOV guest, a successful exploit crosses the guest/device trust boundary (CVSS scope-changed, base 9.0) and can compromise the host that owns the adapter. This is a vendor-reported issue with no public exploit identified at time of analysis and no CISA KEV listing.

RCE Buffer Overflow Memory Corruption Nvidia Bluefield Ga +7
NVD GitHub
CVSS 3.1: 9.0
EPSS: 0.3%
