CVE-2024-0141

Summary

NVIDIA Hopper HGX for 8-GPU contains a vulnerability in the GPU vBIOS that may allow a malicious actor with tenant level GPU access to write to an unsupported registry causing a bad state. A successful exploit of this vulnerability may lead to denial of service.

Affected Software

VendorProductVersion RangeStatus
NVIDIANVIDIA Hopper HGX 8-GPUHGX-22.10-1-rc67 (1.5.0)affected
NVIDIANVIDIA Hopper HGX 8-GPUHGX-22.10-1-rc63 (1.4.0)affected
NVIDIANVIDIA Hopper HGX 8-GPUHGX-22.10-1-rc59 (1.3.2)affected
NVIDIANVIDIA Hopper HGX 8-GPUHGX-22.10-1-rc57 (1.3.0/1.3.1)affected

Weaknesses

  • CWE-782: CWE-782

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References