NVIDIA SNAP-4 Container VIRTIO-BLK Out-of-Range Pointer Vulnerability
CVE-2025-33215 Published on March 24, 2026

NVIDIA SNAP-4 Container contains a vulnerability in the VIRTIO-BLK component where a malicious guest VM may cause use of out-of-range pointer offset by sending crafted messages. A successful exploit of this vulnerability may lead to a denial of service of the DPA and impact the availability of storage to other VMs.

NVD

Vulnerability Analysis

Attack Vector:

ADJACENT_NETWORK

Attack Complexity:

LOW

Privileges Required:

LOW

User Interaction:

NONE

Scope:

CHANGED

Confidentiality Impact:

NONE

Integrity Impact:

NONE

Availability Impact:

HIGH

Weakness Type

What is an Untrusted pointer offset Vulnerability?

The program performs pointer arithmetic on a valid pointer, but it uses an offset that can point outside of the intended range of valid memory locations for the resulting pointer.

CVE-2025-33215 has been classified to as an Untrusted pointer offset vulnerability or weakness.

Affected Versions

NVIDIA SNAP-4 Container Version All versions prior to SNAP-4.9.1 and SNAP-4.5.5 is affected by CVE-2025-33215

Exploit Probability

EPSS

0.01%

Percentile

0.23%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

NVIDIA SNAP-4 Container VIRTIO-BLK Out-of-Range Pointer VulnerabilityCVE-2025-33215 Published on March 24, 2026

Vulnerability Analysis

Weakness Type

What is an Untrusted pointer offset Vulnerability?

Affected Versions

Exploit Probability

NVIDIA SNAP-4 Container VIRTIO-BLK Out-of-Range Pointer Vulnerability
CVE-2025-33215 Published on March 24, 2026