FKIE_CVE-2025-33216

Vulnerability from fkie_nvd - Published: 2026-03-24 21:16 - Updated: 2026-03-25 15:41
Severity ?
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Summary
NVIDIA SNAP-4 Container contains a vulnerability in the configuration interface where an attacker on a VM may cause an incorrect calculation of buffer size by sending crafted configurations. A successful exploit of this vulnerability may lead to crash of the SNAP service, causing denial of service of the storage service to the host.
References
psirt@nvidia.comhttps://nvd.nist.gov/vuln/detail/CVE-2025-33216
psirt@nvidia.comhttps://nvidia.custhelp.com/app/answers/detail/a_id/5744
psirt@nvidia.comhttps://www.cve.org/CVERecord?id=CVE-2025-33216
Impacted products
Vendor Product Version
To clipboard 

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "NVIDIA SNAP-4 Container contains a vulnerability in the configuration interface where an attacker on a VM may cause an incorrect calculation of buffer size by sending crafted configurations. A successful exploit of this vulnerability may lead to crash of the SNAP service, causing denial of service of the storage service to the host."
    },
    {
      "lang": "es",
      "value": "NVIDIA SNAP-4 Contenedor contiene una vulnerabilidad en la interfaz de configuraci\u00f3n donde un atacante en una VM puede causar un c\u00e1lculo incorrecto del tama\u00f1o del b\u00fafer al enviar configuraciones manipuladas. Un exploit exitoso de esta vulnerabilidad puede provocar la ca\u00edda del servicio SNAP, causando denegaci\u00f3n de servicio del servicio de almacenamiento al host."
    }
  ],
  "id": "CVE-2025-33216",
  "lastModified": "2026-03-25T15:41:58.280",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 4.0,
        "source": "psirt@nvidia.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2026-03-24T21:16:23.903",
  "references": [
    {
      "source": "psirt@nvidia.com",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-33216"
    },
    {
      "source": "psirt@nvidia.com",
      "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5744"
    },
    {
      "source": "psirt@nvidia.com",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-33216"
    }
  ],
  "sourceIdentifier": "psirt@nvidia.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-131"
        }
      ],
      "source": "psirt@nvidia.com",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.