Nvidia Dgx_a100
39 CVEs affecting Nvidia Dgx_a100. Latest disclosed: 2024-01-12. Critical: 3, High: 21.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-31030 | Critical | 9.3 | 2024-01-12 | NVIDIA DGX A100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a stack overflow by sending a specially crafte… |
CVE-2023-31029 | Critical | 9.3 | 2024-01-12 | NVIDIA DGX A100 baseboard management controller (BMC) contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a stack over… |
CVE-2023-31024 | Critical | 9.0 | 2024-01-12 | NVIDIA DGX A100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause stack memory corruption by sending a specially… |
CVE-2022-42271 | High | 8.4 | 2023-01-11 | NVIDIA BMC contains a vulnerability in IPMI handler, where an authorized attacker can cause a buffer overflow and cause a denial of service or gain code execut… |
CVE-2022-31599 | High | 8.2 | 2022-07-04 | NVIDIA DGX A100 contains a vulnerability in SBIOS in the Ofbd, where a local user with elevated privileges can cause access to an uninitialized pointer, which… |
CVE-2022-28200 | High | 8.2 | 2022-07-02 | NVIDIA DGX A100 contains a vulnerability in SBIOS in the BiosCfgTool, where a local user with elevated privileges can read and write beyond intended bounds in… |
CVE-2022-42273 | High | 8.1 | 2023-01-12 | NVIDIA BMC contains a vulnerability in libwebsocket, where an authorized attacker can cause a buffer overflow and cause a denial of service or gain code execut… |
CVE-2022-42272 | High | 8.1 | 2023-01-12 | NVIDIA BMC contains a vulnerability in IPMI handler, where an authorized attacker can cause a buffer overflow, which may lead to code execution, denial of serv… |
CVE-2022-42274 | High | 7.8 | 2023-01-13 | NVIDIA BMC contains a vulnerability in IPMI handler, where an authorized attacker can cause a buffer overflow and cause a denial of service or gain code execut… |
CVE-2022-42275 | High | 7.7 | 2023-01-13 | NVIDIA BMC IPMI handler allows an unauthenticated host to write to a host SPI flash bypassing secureboot protections. This may lead to a loss of integrity and… |
CVE-2023-31035 | High | 7.5 | 2024-01-12 | NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may cause an SMI callout vulnerability that could be used to execute arbitrary code at the SMM… |
CVE-2023-31032 | High | 7.5 | 2024-01-12 | NVIDIA DGX A100 SBIOS contains a vulnerability where a user may cause a dynamic variable evaluation by local access. A successful exploit of this vulnerability… |
CVE-2023-25522 | High | 7.5 | 2023-07-04 | NVIDIA DGX A100/A800 contains a vulnerability in SBIOS where an attacker may cause improper input validation by providing configuration information in a… |
CVE-2023-25521 | High | 7.5 | 2023-07-04 | NVIDIA DGX A100/A800 contains a vulnerability in SBIOS where an attacker may cause execution with unnecessary privileges by leveraging a weakness whereby… |
CVE-2023-0206 | High | 7.5 | 2023-04-22 | NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may modify arbitrary memory of SMRAM by exploiting the NVME SMM API. A successful exploit of t… |
CVE-2023-0202 | High | 7.5 | 2023-04-22 | NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may modify arbitrary memory of SMRAM by exploiting the GenericSio and LegacySmmSredir SMM APIs… |
CVE-2022-42276 | High | 7.5 | 2023-01-13 | NVIDIA DGX A100 contains a vulnerability in SBIOS in the SmiFlash, where a local user with elevated privileges can read, write and erase flash, which may lead… |
CVE-2022-31600 | High | 7.5 | 2022-07-04 | NVIDIA DGX A100 contains a vulnerability in SBIOS in the SmmCore, where a user with high privileges can chain another vulnerability to this vulnerability, caus… |
CVE-2020-11487 | High | 7.5 | 2020-10-29 | NVIDIA DGX servers, DGX-1 with BMC firmware versions prior to 3.38.30. DGX-2 with BMC firmware versions prior to 1.06.06 and all DGX A100 Servers with all BMC… |
CVE-2022-42290 | High | 7.2 | 2023-01-13 | NVIDIA BMC contains a vulnerability in SPX REST API, where an authorized attacker can inject arbitrary shell commands, which may lead to code execution, denial… |