DEBIAN-CVE-2025-23259

See a problem?
Please try reporting it to the source first.
Source
https://security-tracker.debian.org/tracker/CVE-2025-23259
Import Source
https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2025-23259.json
JSON Data
https://api.osv.dev/v1/vulns/DEBIAN-CVE-2025-23259
Upstream
Published
2025-09-04T16:15:34.293Z
Modified
2025-11-20T10:18:04.930719Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H CVSS Calculator
Summary
[none]
Details

NVIDIA Mellanox DPDK contains a vulnerability in Poll Mode Driver (PMD), where an attacker on a VM in the system might be able to cause information disclosure and denial of service on the network interface.

References

Affected packages

Debian:11 / dpdk

Package

Name
dpdk
Purl
pkg:deb/debian/dpdk?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

20.*

20.11-7
20.11.1-1
20.11.1-2
20.11.1-3
20.11.1-4
20.11.2-1
20.11.3-1~deb11u1
20.11.3-1
20.11.3-2
20.11.4-1
20.11.4-2~deb11u1
20.11.4-2
20.11.5-1~deb11u1
20.11.5-1
20.11.6-1~deb11u1
20.11.7-1~deb11u1
20.11.8-1~deb11u1
20.11.9-1~deb11u1
20.11.10-1~deb11u1

21.*

21.08-1
21.08-2
21.11-1
21.11-3
21.11-4~exp1
21.11-4
21.11-5

22.*

22.11~rc2-1
22.11-1
22.11.1-1
22.11.1-2
22.11.2-1
22.11.2-2~deb12u1
22.11.2-2
22.11.2-3
22.11.3-1~deb12u1
22.11.3-1
22.11.3-2
22.11.4-1~deb12u1
22.11.5-1~deb12u1
22.11.6-1~deb12u1
22.11.7-1~deb12u1
22.11.8-1~deb12u1
22.11.9-1~deb12u1

23.*

23.11-1~exp1
23.11-1
23.11.1-1
23.11.1-2
23.11.2-1
23.11.2-1+exp1
23.11.2-1+exp2
23.11.2-1+exp3
23.11.2-1+exp4
23.11.2-2
23.11.2-3

24.*

24.11~rc2-1
24.11~rc2-2
24.11~rc3-1
24.11~rc4-1
24.11-1
24.11-2
24.11.1-1
24.11.2-1
24.11.2-2
24.11.3-1~deb13u1
24.11.3-1
24.11.3-2

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2025-23259.json"

Debian:12 / dpdk

Package

Name
dpdk
Purl
pkg:deb/debian/dpdk?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

22.*

22.11.1-2
22.11.2-1
22.11.2-2~deb12u1
22.11.2-2
22.11.2-3
22.11.3-1~deb12u1
22.11.3-1
22.11.3-2
22.11.4-1~deb12u1
22.11.5-1~deb12u1
22.11.6-1~deb12u1
22.11.7-1~deb12u1
22.11.8-1~deb12u1
22.11.9-1~deb12u1

23.*

23.11-1~exp1
23.11-1
23.11.1-1
23.11.1-2
23.11.2-1
23.11.2-1+exp1
23.11.2-1+exp2
23.11.2-1+exp3
23.11.2-1+exp4
23.11.2-2
23.11.2-3

24.*

24.11~rc2-1
24.11~rc2-2
24.11~rc3-1
24.11~rc4-1
24.11-1
24.11-2
24.11.1-1
24.11.2-1
24.11.2-2
24.11.3-1~deb13u1
24.11.3-1
24.11.3-2

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2025-23259.json"

Debian:13 / dpdk

Package

Name
dpdk
Purl
pkg:deb/debian/dpdk?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
24.11.3-1~deb13u1

Affected versions

24.*

24.11.2-2

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2025-23259.json"

Debian:14 / dpdk

Package

Name
dpdk
Purl
pkg:deb/debian/dpdk?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
24.11.3-1

Affected versions

24.*

24.11.2-2
24.11.3-1~deb13u1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2025-23259.json"