PT-2026-54609 · Nvidia · Connect+1
Published
2026-07-01
·
Updated
2026-07-02
·
CVE-2025-23351
CVSS v3.1
9.0
Critical
| Vector | AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
NVIDIA ConnectX (affected versions not specified)
NVIDIA BlueField (affected versions not specified)
Description
A flaw exists in the command interface that allows a local user with virtual function (VF) access to trigger a write out of bounds by providing crafted input. This condition can lead to arbitrary code execution on the device.
Recommendations
Apply the latest security patches for NVIDIA ConnectX.
Apply the latest security patches for NVIDIA BlueField.
Fix
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Bluefield
Connect