CVE-2025-23290 in GPU Display Driver
Summary
by MITRE • 08/03/2025
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a guest could get global GPU metrics which may be influenced by work in other VMs. A successful exploit of this vulnerability might lead to information disclosure.
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
Analysis
by VulDB Data Team • 08/05/2025
The vulnerability identified as CVE-2025-23290 resides within NVIDIA vGPU software's Virtual GPU Manager component, representing a significant security flaw that undermines the isolation guarantees typically expected in virtualized GPU environments. This issue manifests as an information disclosure vulnerability that allows guest virtual machines to access global GPU metrics that should remain isolated from other virtual environments. The flaw specifically affects the vGPU software implementation where proper boundary enforcement between virtual machines fails to prevent cross-tenant data leakage.
This technical vulnerability stems from inadequate access control mechanisms within the Virtual GPU Manager, where guest operating systems can potentially query and retrieve GPU performance metrics that aggregate data across multiple virtual machines. The underlying flaw creates a path for information leakage through the GPU monitoring interfaces, allowing one VM to observe resource utilization patterns, memory consumption, and performance statistics that belong to other VMs running on the same physical GPU. Such a condition violates fundamental virtualization security principles and creates a potential attack surface for malicious actors seeking to gather intelligence about neighboring virtual environments.
The operational impact of this vulnerability extends beyond simple information disclosure, as it could enable sophisticated attackers to perform side-channel analysis and inference attacks against other virtual machines. An attacker with access to a compromised guest VM could potentially determine the workload characteristics of adjacent VMs, identify running applications, and even infer sensitive information about system configurations or security implementations. This cross-tenant data leakage creates risks for multi-tenant cloud environments where isolation between customer workloads is paramount for maintaining security boundaries and compliance requirements. The vulnerability particularly affects environments where multiple organizations share the same physical GPU resources without proper isolation controls.
Mitigation strategies for CVE-2025-23290 should focus on implementing enhanced access controls within the Virtual GPU Manager and ensuring proper isolation of GPU metrics between virtual machines. System administrators should apply the latest NVIDIA vGPU software updates that address this specific vulnerability through improved boundary enforcement mechanisms. Organizations should also consider implementing network segmentation and access controls to limit the potential impact of any successful exploitation attempts. The vulnerability aligns with CWE-284 Access Control Issues and represents a specific instance of improper access control within virtualized GPU environments. From an ATT&CK framework perspective, this vulnerability maps to techniques involving information gathering and privilege escalation, potentially enabling adversaries to gain insights that could facilitate further attacks against other VMs in the same environment.