NVIDIA DGX A100 contains a vulnerability in SBIOS in the IpSecDxe, where a user with high privileges and preconditioned IpSecDxe global data can exploit improper validation of an array index to cause code execution, which may lead to denial of service, data integrity impact, and information disclosure.
References
Link | Resource |
---|---|
https://nvidia.custhelp.com/app/answers/detail/a_id/5367 | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
No history.
Information
Published : 2022-07-04 18:15
Updated : 2024-02-28 19:29
NVD link : CVE-2022-31603
Mitre link : CVE-2022-31603
CVE.ORG link : CVE-2022-31603
JSON object : View
Products Affected
nvidia
- dgx_a100_firmware
- dgx_a100
CWE
CWE-129
Improper Validation of Array Index