NVIDIA DGX H100 BMC and DGX A100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a leak of another user’s session token by observing timing discrepancies between server responses. A successful exploit of this vulnerability may lead to information disclosure, escalation of privileges, and data tampering.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: nvidia

Published: 2023-09-20T00:08:17.345Z

Updated: 2024-08-02T11:25:19.194Z

Reserved: 2023-02-07T02:57:25.083Z

Link: CVE-2023-25529

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-09-20T01:15:53.497

Modified: 2024-11-21T07:49:40.570

Link: CVE-2023-25529

cve-icon Redhat

No data.