
CVE-2025-23272: CWE-125 Out-of-bounds Read in NVIDIA CUDA Toolkit

Severity: Medium
Published: Wed Sep 24 2025 (09/24/2025, 13:11:59 UTC)
Source: CVE Database V5
Vendor/Project: NVIDIA
Product: NVIDIA CUDA Toolkit

Description

NVIDIA nvJPEG library contains a vulnerability where an attacker can cause an out-of-bounds read by means of a specially crafted JPEG file. A successful exploit of this vulnerability might lead to information disclosure or denial of service.

AI-Powered Analysis

Last updated: 09/24/2025, 13:29:39 UTC

Technical Analysis

CVE-2025-23272 is a medium-severity vulnerability in the nvJPEG library component of the NVIDIA CUDA Toolkit. It is classified as CWE-125 (Out-of-bounds Read), which occurs when a program reads data past the boundary of a buffer. In this case, an attacker can craft a malicious JPEG file that, when processed by the vulnerable nvJPEG library, triggers an out-of-bounds read. The flaw exists in all versions of the CUDA Toolkit prior to 12.9 Update 1. Exploitation can lead to information disclosure, where sensitive data from adjacent memory could be leaked, and denial of service (DoS), where the application or system processing the JPEG file could crash or become unresponsive.

The CVSS v3.1 base score is 5.7 (medium). The attack vector is local (AV:L), meaning the attacker must have local access to the system. The attack complexity is high (AC:H), requiring specific conditions or knowledge to exploit successfully. No privileges are required (PR:N), and no user interaction is needed (UI:N). The impact is limited to confidentiality (C:L) and availability (A:H), with no impact on integrity. There are no known exploits in the wild at the time of publication, and no official patch links are provided yet, though the issue is resolved in CUDA Toolkit 12.9 Update 1 and later versions.

Potential Impact

For European organizations, the impact of CVE-2025-23272 depends largely on their use of the NVIDIA CUDA Toolkit in local environments, such as research institutions, data centers, and enterprises that use GPU-accelerated computing for AI, machine learning, and image processing. The vulnerability could lead to unauthorized disclosure of sensitive data residing in memory, which may include proprietary algorithms, user data, or cryptographic keys, thereby compromising confidentiality. Denial of service conditions could also disrupt critical computational workloads, leading to operational downtime and potential financial losses. Since exploitation requires local access, the risk is higher in environments where multiple users share GPU resources or where attackers can gain a local foothold, such as through compromised user accounts or insider threats. Because neither user interaction nor privileges are required, the barrier is low once local access is obtained. European organizations subject to strict data protection regulations (e.g., GDPR) must take the confidentiality impact seriously, as data leakage could lead to regulatory penalties and reputational damage.

Mitigation Recommendations

European organizations should prioritize upgrading to NVIDIA CUDA Toolkit version 12.9 Update 1 or later, where this vulnerability is addressed. Until patching is possible, organizations should implement strict access controls to limit local access to systems running vulnerable CUDA Toolkit versions, including enforcing least privilege principles and monitoring for unauthorized access attempts. Network segmentation and isolation of GPU-accelerated computing environments can reduce exposure. Additionally, organizations should audit and restrict the processing of untrusted JPEG files, especially those originating from external or less trusted sources, to prevent triggering the vulnerability. Employing runtime application self-protection (RASP) or memory protection mechanisms may help detect or mitigate out-of-bounds reads. Regularly monitoring system logs and GPU usage patterns for anomalies can aid in early detection of exploitation attempts. Finally, organizations should maintain an inventory of systems using the CUDA Toolkit to ensure timely patch management and vulnerability remediation.
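The inventory step recommended above can be partly automated. The following is an added example, not code from NVIDIA or from this advisory: it classifies CUDA Toolkit installations under a base directory against the fixed release. It assumes that 12.9 Update 1 is recorded as version 12.9.1, that each toolkit root carries a `version.json` (or a legacy `version.txt`), and that toolkits live under `/usr/local/cuda*`.

```python
import json
import re
from pathlib import Path

# Assumption: "12.9 Update 1" is recorded as 12.9.1 in the toolkit's version files.
FIXED = (12, 9, 1)

def parse_version(text):
    """Turn '12.9.1' (or '12.9') into a comparable 3-tuple, or None if unparseable."""
    m = re.search(r"(\d+)\.(\d+)(?:\.(\d+))?", text)
    if m is None:
        return None
    return tuple(int(g) if g else 0 for g in m.groups())

def toolkit_version(root):
    """Read the toolkit version from version.json, else from legacy version.txt."""
    root = Path(root)
    try:
        data = json.loads((root / "version.json").read_text())
        return parse_version(data["cuda"]["version"])
    except (OSError, ValueError, KeyError, TypeError):
        pass  # missing or malformed version.json: try the legacy file
    try:
        return parse_version((root / "version.txt").read_text())
    except (OSError, ValueError):
        return None

def classify(root):
    """Return 'vulnerable', 'fixed', or 'unknown' for one toolkit root."""
    v = toolkit_version(root)
    if v is None:
        return "unknown"  # treat as needing manual review, not as safe
    return "vulnerable" if v < FIXED else "fixed"

def inventory(base="/usr/local"):
    """Classify every cuda* directory under base; symlinks are resolved and deduplicated."""
    roots = {p.resolve() for p in Path(base).glob("cuda*") if p.is_dir()}
    return {str(p): classify(p) for p in sorted(roots)}

if __name__ == "__main__":
    for path, status in inventory().items():
        print(f"{status:10} {path}")
```

This only covers toolkit installations on the host file system; copies of nvJPEG shipped inside containers or bundled with applications need to be inventoried separately.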


Technical Details

Data Version: 5.1
Assigner Short Name: nvidia
Date Reserved: 2025-01-14T01:06:24.332Z
Cvss Version: 3.1
State: PUBLISHED

Threat ID: 68d3f06c37fc381b138d52ff

Added to database: 9/24/2025, 1:21:48 PM

Last enriched: 9/24/2025, 1:29:39 PM

Last updated: 10/7/2025, 3:08:29 PM
