PT-2023-9633 · Nvidia · Nvidia Connectx Host Firmware

Publicado

2023-12-02

Atualizado

2024-11-04

CVE-2024-0106

CVSS v3.1

8.7

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:H

Name of the Vulnerable Software and Affected Versions NVIDIA ConnectX Host Firmware for the BlueField Data Processing Unit (DPU) (affected versions not specified)

Description The issue is related to an improper handling of insufficient privileges, which may lead to denial of service, data tampering, and limited information disclosure. An attacker may exploit this to gain unauthorized access to read and modify data or cause a denial of service.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-274CWE-264

Identificadores relacionados

BDU:2024-08958

CVE-2024-0106

Produtos afetados

Nvidia Connectx Host Firmware

PT-2023-9633 · Nvidia · Nvidia Connectx Host Firmware

CVE-2024-0106

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 14