exploitDog

GHSA-fr4g-6wp8-4cr3

Опубликовано: 05 июл. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.4

Описание

NVIDIA DGX A100 contains a vulnerability in SBIOS in the IpSecDxe, where a user with elevated privileges and a preconditioned heap can exploit an out-of-bounds write vulnerability, which may lead to code execution, denial of service, data integrity impact, and information disclosure.

NVIDIA DGX A100 contains a vulnerability in SBIOS in the IpSecDxe, where a user with elevated privileges and a preconditioned heap can exploit an out-of-bounds write vulnerability, which may lead to code execution, denial of service, data integrity impact, and information disclosure.

Ссылки

EPSS

Процентиль: 14%

0.00047

Низкий

6.4 Medium

CVSS3

CVE ID

Дефекты

CWE-787

Связанные уязвимости

CVE-2022-31602

CVSS3: 6.4

nvd

больше 3 лет назад

NVIDIA DGX A100 contains a vulnerability in SBIOS in the IpSecDxe, where a user with elevated privileges and a preconditioned heap can exploit an out-of-bounds write vulnerability, which may lead to code execution, denial of service, data integrity impact, and information disclosure.

BDU:2022-05381

CVSS3: 6.4

fstec

больше 3 лет назад

Уязвимость компонента SBIOS в IpSecDxe сервера NVIDIA DGX A100, позволяющая нарушителю выполнить произвольный код, вызвать отказ в обслуживании или оказать воздействие на целостность защищаемой информации

EPSS

Процентиль: 14%

0.00047

Низкий

6.4 Medium

CVSS3

CVE ID

Дефекты

CWE-787