CVE-2025-23322

{"id": "CVE-2025-23322", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@nvidia.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2025-08-06T13:15:39.930", "references": [{"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-23322", "tags": ["US Government Resource"], "source": "psirt@nvidia.com"}, {"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5687", "tags": ["Vendor Advisory"], "source": "psirt@nvidia.com"}, {"url": "https://www.cve.org/CVERecord?id=CVE-2025-23322", "tags": ["Third Party Advisory"], "source": "psirt@nvidia.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "psirt@nvidia.com", "description": [{"lang": "en", "value": "CWE-415"}]}], "descriptions": [{"lang": "en", "value": "NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where multiple requests could cause a double free when a stream is cancelled before it is processed. A successful exploit of this vulnerability might lead to denial of service."}, {"lang": "es", "value": "NVIDIA Triton Inference Server para Windows y Linux contiene una vulnerabilidad que permite que varias solicitudes provoquen una doble liberaci\u00f3n si una transmisi\u00f3n se cancela antes de ser procesada. Una explotaci\u00f3n exitosa de esta vulnerabilidad podr\u00eda provocar una denegaci\u00f3n de servicio."}], "lastModified": "2025-08-12T16:35:11.033", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:nvidia:triton_inference_server:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B950A423-817C-4163-87ED-C43AB02DF5BC", "versionEndExcluding": "25.06"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"}, {"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@nvidia.com"}