CVE-2025-23245

Name of the Vulnerable Software and Affected Versions NVIDIA TensorRT-LLM (affected versions not specified) NVIDIA vGPU software (affected versions not specified)

Description The issue concerns a data validation problem in the python executor of NVIDIA TensorRT-LLM, which can be exploited by an attacker with local access to the TRTLLM server, potentially leading to code execution, information disclosure, and data tampering. Additionally, NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager that may allow a guest to access global resources, potentially resulting in a denial of service.

Recommendations For NVIDIA TensorRT-LLM, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For NVIDIA vGPU software, at the moment, there is no information about a newer version that contains a fix for this vulnerability.