Lucene search
NvidiaCVELIST:CVE-2023-31031HistoryJan 12, 2024 - 6:31 p.m.
CVE-2023-31031 CVE
2024-01-1218:31:44
CWE-122
nvidia
www.cve.org
4
nvidia dgx a100
sbios
buffer overflow
code execution
denial of service
information disclosure
data tampering
CVSS3
4.2
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
AI Score
8.5
Confidence
High
EPSS
0
Percentile
5.1%
NVIDIA DGX A100 SBIOS contains a vulnerability where a user may cause a heap-based buffer overflow by local access. A successful exploit of this vulnerability may lead to code execution, denial of service, information disclosure, and data tampering.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "DGX A100",
"vendor": "nvidia",
"versions": [
{
"status": "affected",
"version": "All SBOIS versions prior to 1.25"
}
]
}
]Related
prion
prion
Heap overflow
2024-01-12 19:15:00
cve
cve
CVE-2023-31031
2024-01-12 19:15:10
nvd
nvd
CVE-2023-31031
2024-01-12 19:15:10
nvidia
nvidia
Security Bulletin: NVIDIA DGX A100 - January 2024
2024-01-11 00:00:00
CVSS3
4.2
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
AI Score
8.5
Confidence
High
EPSS
0
Percentile
5.1%
Related for CVELIST:CVE-2023-31031