CNNVD-202511-2742 Information

Nov 25, 2025 cve

CNNVD ID

CNNVD-202511-2742

CVE-2025-33195

  • CNNVD Published: 2025-11-25

Description (Chinese)

NVIDIA DGX Spark是美国英伟达(NVIDIA)公司的一款个人AI计算机。 NVIDIA DGX Spark GB10存在缓冲区错误漏洞,该漏洞源于SROOT固件中存在意外内存缓冲区操作,可能导致数据篡改、拒绝服务或权限提升。

Description (English)

NVIDIA DGX Spark is a personal AI computer of NVIDIA. NVIDIA DGX Spark GB10 has a buffer zone error loophole, which stems from the accidental memory buffer operation in SROOT solids, which may lead to data manipulation, denial of service or enhanced access.

Hazard Level

High

Vulnerability Type

缓冲区错误

Affected Vendor

英伟达

Published

2025-11-25

Last Modified

2026-02-24

References

https://nvd.nist.gov/vuln/detail/CVE-2025-33195 https://www.cve.org/CVERecord?id=CVE-2025-33195 https://nvidia.custhelp.com/app/answers/detail/a_id/5720 https://access.redhat.com/security/cve/cve-2025-33195

Patch

https://nvidia.custhelp.com/app/answers/detail/a_id/5720

Share on: