CVE-2022-31603
6.4
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
NVIDIA DGX A100 contains a vulnerability in SBIOS in the IpSecDxe, where a user with high privileges and preconditioned IpSecDxe global data can exploit improper validation of an array index to cause code execution, which may lead to denial of service, data integrity impact, and information disclosure.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| NVIDIA | NVIDIA DGX A100 | Versions prior to 22.5.5 | affected |
Weaknesses
- CWE-129: CWE-129 Improper Validation of Array Index
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.