CVE-2024-0101

Summary

NVIDIA Mellanox OS, ONYX, Skyway, MetroX-2 and MetroX-3 XC contain a vulnerability in ipfilter, where improper ipfilter definitions could enable an attacker to cause a failure by attacking the switch. A successful exploit of this vulnerability might lead to denial of service.

Affected Software

VendorProductVersion RangeStatus
NVIDIAMellanox OSAll versions prior to and including 3.11.1000affected
NVIDIAONYXAll versions prior to and including 3.10.4300affected
NVIDIASkywayAll versions prior to and including 8.2.1000affected
NVIDIASkywayAll versions prior to and including 8.1.4300affected
NVIDIAMetroX-3 XCAll versions prior to and including 18.2.1000affected
NVIDIAMetroX-2All versions prior to and including 3.11.1000affected

Weaknesses

  • CWE-693: CWE-693: Protection Mechanism Failure

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References