PT-2023-16084 · Nvidia · Nvidia Connectx6-Dx+2
Alvin R. Lebeck
+8
·
Publicado
2023-04-22
·
Atualizado
2023-05-02
·
CVE-2023-0205
CVSS v3.1
7.7
Alta
| Vetor | AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
NVIDIA ConnectX-5 (affected versions not specified)
NVIDIA ConnectX-6 (affected versions not specified)
NVIDIA ConnectX6-DX (affected versions not specified)
Description
The issue is related to insufficient granularity of access control in the NIC firmware, which can be exploited by an unprivileged user to potentially cause a denial of service.
Recommendations
For NVIDIA ConnectX-5, update to a version that addresses the insufficient access control granularity issue.
For NVIDIA ConnectX-6, update to a version that addresses the insufficient access control granularity issue.
For NVIDIA ConnectX6-DX, update to a version that addresses the insufficient access control granularity issue.
As a temporary workaround, consider restricting access to the NIC firmware to minimize the risk of exploitation.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Nvidia Connectx-5
Nvidia Connectx-6
Nvidia Connectx6-Dx