156 matches found
CVE-2022-42281
NVIDIA DGX A100 contains a vulnerability in SBIOS in the FsRecovery, which may allow a highly privileged local attacker to cause an out-of-bounds write, which may lead to code execution, denial of service, compromised integrity, and information disclosure...
CVE-2022-42285
DGX A100 SBIOS contains a vulnerability in the Pre-EFI Initialization PEIphase, where a privileged user can disable SPI flash protection, which may lead to denial of service, escalation of privileges, or data tampering...
CVE-2022-42277
NVIDIA DGX Station contains a vulnerability in SBIOS in the SmiFlash, where a local user with elevated privileges can read, write and erase flash, which may lead to code execution, escalation of privileges, denial of service, and information disclosure. The scope of impact can extend to other...
CVE-2022-42276
NVIDIA DGX A100 contains a vulnerability in SBIOS in the SmiFlash, where a local user with elevated privileges can read, write and erase flash, which may lead to code execution, escalation of privileges, denial of service, and information disclosure. The scope of impact can extend to other...
Design/Logic Flaw
NVIDIA DGX Station contains a vulnerability in SBIOS in the SmiFlash, where a local user with elevated privileges can read, write and erase flash, which may lead to code execution, escalation of privileges, denial of service, and information disclosure. The scope of impact can extend to other...
Design/Logic Flaw
NVIDIA DGX A100 contains a vulnerability in SBIOS in the SmiFlash, where a local user with elevated privileges can read, write and erase flash, which may lead to code execution, escalation of privileges, denial of service, and information disclosure. The scope of impact can extend to other...
Design/Logic Flaw
DGX A100 SBIOS contains a vulnerability in the Pre-EFI Initialization PEIphase, where a privileged user can disable SPI flash protection, which may lead to denial of service, escalation of privileges, or data tampering...
Information disclosure
NVIDIA DGX A100 contains a vulnerability in SBIOS in the FsRecovery, which may allow a highly privileged local attacker to cause an out-of-bounds write, which may lead to code execution, denial of service, compromised integrity, and information disclosure...
CVE-2022-42286
DGX A100 SBIOS contains a vulnerability in Bds, which may lead to code execution, denial of service, or escalation of privileges...
CVE-2022-42286
DGX A100 SBIOS contains a vulnerability in Bds, which may lead to code execution, denial of service, or escalation of privileges...
CVE-2022-42286
CVE-2022-42286 is an NVIDIA DGX A100 SBIOS vulnerability in the Bds component that can lead to code execution, denial of service, or privilege escalation. The issue affects the DGX A100 SBIOS (Bds) and is addressed by firmware updates. NVIDIA’s bulletin lists SBIOS firmware version 1.18 as the fi...
CVE-2022-42285
DGX A100 SBIOS contains a vulnerability in the Pre-EFI Initialization PEIphase, where a privileged user can disable SPI flash protection, which may lead to denial of service, escalation of privileges, or data tampering...
CVE-2022-42285
DGX A100 SBIOS contains a vulnerability in the Pre-EFI Initialization PEIphase, where a privileged user can disable SPI flash protection, which may lead to denial of service, escalation of privileges, or data tampering...
CVE-2022-42285
CVE-2022-42285 affects NVIDIA DGX A100 SBIOS in the Pre-EFI Initialization (PEI) phase, where a privileged local user can disable SPI flash protection, enabling denial of service, privilege escalation, or data tampering. NVIDIA’s security bulletin and firmware update table indicate mitigations: D...
CVE-2022-42281
NVIDIA DGX A100 contains a vulnerability in SBIOS in the FsRecovery, which may allow a highly privileged local attacker to cause an out-of-bounds write, which may lead to code execution, denial of service, compromised integrity, and information disclosure...
CVE-2022-42281
The CVE-2022-42281 entry involves the NVIDIA DGX A100 SBIOS FsRecovery vulnerability. A highly privileged local attacker could trigger an out-of-bounds write in SBIOS FsRecovery, potentially enabling code execution, DoS, integrity compromise, or information disclosure. NVIDIA’s security bulletin ...
CVE-2022-42277
NVIDIA DGX Station contains a vulnerability in SBIOS in the SmiFlash, where a local user with elevated privileges can read, write and erase flash, which may lead to code execution, escalation of privileges, denial of service, and information disclosure. The scope of impact can extend to other...
CVE-2022-42277
The CVE-2022-42277 entry affects NVIDIA DGX Station. A vulnerability in SBIOS (SmiFlash) permits a local, highly privileged user to read, write, and erase the flash, with potential for code execution, privilege escalation, denial of service, and information disclosure; impact could extend to othe...
CVE-2022-42276
The CVE-2022-42276 entry concerns NVIDIA DGX A100 SBIOS in the SmiFlash. A local, highly privileged user can read, write, and erase the SPI flash, potentially enabling code execution, privilege escalation, denial of service, or information disclosure with possible impact to other components. NVID...
CVE-2022-42276
NVIDIA DGX A100 contains a vulnerability in SBIOS in the SmiFlash, where a local user with elevated privileges can read, write and erase flash, which may lead to code execution, escalation of privileges, denial of service, and information disclosure. The scope of impact can extend to other...