PT-2023-9633 · Nvidia · Nvidia Connectx Host Firmware

Published

2023-12-02

Updated

2024-11-04

CVE-2024-0106

CVSS v3.1

8.7

High

Vector

AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:H

Name of the Vulnerable Software and Affected Versions NVIDIA ConnectX Host Firmware for the BlueField Data Processing Unit (DPU) (affected versions not specified)

Description The issue is related to an improper handling of insufficient privileges, which may lead to denial of service, data tampering, and limited information disclosure. An attacker may exploit this to gain unauthorized access to read and modify data or cause a denial of service.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-274CWE-264

Related Identifiers

BDU:2024-08958

CVE-2024-0106

Affected Products

Nvidia Connectx Host Firmware

PT-2023-9633 · Nvidia · Nvidia Connectx Host Firmware

CVE-2024-0106

Weakness Enumeration

Related Identifiers

Affected Products

References · 14