Security Bulletin: NVIDIA DGX-1 - April 2023

Search CVEs in bulletin 2023/5458 by description or CWE

Back to Year | Home
Year: 2023 | Bulletin: 5458
Title: Security Bulletin: NVIDIA DGX-1 - April 2023
Updated: 2023-07-14T00:00:00Z
CVEs: 2
Search by CVE count, CVE description, or CWE.
Matching CVEs: 2
No matching CVEs found.
DateScopeCVE / Details
2023-07-14
2023 10 bulletins
5458 2 CVEs
CVE-2023-25506
CWE-788
NVIDIA DGX-1 contains a vulnerability in Ofbd in AMI SBIOS, where a preconditioned heap can allow a user with elevated privileges to cause an access beyond the end of a buffer, which may lead to code execution, escalation of privileges, denial of service and information disclosure. The scope of the impact of this vulnerability can extend to other components.
Security Bulletin: NVIDIA DGX-1 - April 2023
NVIDIA has released a security update for NVIDIA DGX-1 firmware. This update addresses an issue that may lead to arbitrary code execution, denial of service, escalation of privileges, information disclosure, data tampering, and SecureBoot bypass.<div>To protect your system, download and install this firmware update through the <a href="https://nvid.nvidia.com/dashboard/">NVIDIA Enterprise Support Portal</a>.</div>
2023-07-14
2023 10 bulletins
5458 2 CVEs
CVE-2023-25505
CWE-120
NVIDIA DGX-1 BMC contains a vulnerability in the IPMI handler of the AMI MegaRAC BMC, where an attacker with the appropriate level of authorization can cause a buffer overflow, which may lead to denial of service, information disclosure, or arbitrary code execution.
Security Bulletin: NVIDIA DGX-1 - April 2023
NVIDIA has released a security update for NVIDIA DGX-1 firmware. This update addresses an issue that may lead to arbitrary code execution, denial of service, escalation of privileges, information disclosure, data tampering, and SecureBoot bypass.<div>To protect your system, download and install this firmware update through the <a href="https://nvid.nvidia.com/dashboard/">NVIDIA Enterprise Support Portal</a>.</div>