CNNVD-202511-2741 Information

CNNVD ID

CNNVD-202511-2741

Related CVE

CVE-2025-33190

• CNNVD Published: 2025-11-25

Description (Chinese)

NVIDIA DGX Spark是美国英伟达（NVIDIA）公司的一款个人AI计算机。 NVIDIA DGX Spark GB10存在缓冲区错误漏洞，该漏洞源于SROOT固件中存在越界写入，可能导致代码执行、数据篡改、拒绝服务或权限提升。

Description (English)

NVIDIA DGX Spark is a personal AI computer of NVIDIA. NVIDIA DGX Spark GB10 has an error loophole in the buffer zone resulting from cross-border writing in SROOT solids, which may lead to code execution, data manipulation, denial of services or enhanced privileges.

Hazard Level

High

Vulnerability Type

缓冲区错误

Affected Vendor

英伟达

Published

2025-11-25

Last Modified

2026-02-24

References

https://nvd.nist.gov/vuln/detail/CVE-2025-33190 https://nvidia.custhelp.com/app/answers/detail/a_id/5720 https://www.cve.org/CVERecord?id=CVE-2025-33190 https://access.redhat.com/security/cve/cve-2025-33190

Patch

https://nvidia.custhelp.com/app/answers/detail/a_id/5720