CNNVD-202511-2743 Information

CNNVD ID

CNNVD-202511-2743

Related CVE

CVE-2025-33189

• CNNVD Published: 2025-11-25

Description (Chinese)

NVIDIA DGX Spark是美国英伟达（NVIDIA）公司的一款个人AI计算机。 NVIDIA DGX Spark GB10存在缓冲区错误漏洞，该漏洞源于SROOT固件中存在越界写入，可能导致代码执行、数据篡改、拒绝服务、信息泄露或权限提升。

Description (English)

NVIDIA DGX Spark is a personal AI computer of NVIDIA. NVIDIA DGX Spark GB10 has an error loophole in the buffer zone, resulting from cross-border writing in SROOT solids, which may lead to code execution, data manipulation, denial of services, leaking of information or enhanced access.

Hazard Level

Medium

Vulnerability Type

缓冲区错误

Affected Vendor

英伟达

Published

2025-11-25

Last Modified

2026-02-24

References

https://www.cve.org/CVERecord?id=CVE-2025-33189 https://nvd.nist.gov/vuln/detail/CVE-2025-33189 https://nvidia.custhelp.com/app/answers/detail/a_id/5720 https://access.redhat.com/security/cve/cve-2025-33189

Patch

https://nvidia.custhelp.com/app/answers/detail/a_id/5720