CVE-2023-0205

Summary

NVIDIA ConnectX-5, ConnectX-6, and ConnectX6-DX contain a vulnerability in the NIC firmware, where an unprivileged user can exploit insufficient granularity of access control, which may lead to denial of service.

Affected Software

VendorProductVersion RangeStatus
NVIDIANVIDIA ConnectX FirmwareAll versions prior to 35.1012affected

Weaknesses

  • CWE-1220: CWE-1220

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References