CVE-2023-31029 - OpenCVE

NVIDIA DGX A100 baseboard management controller (BMC) contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a stack overflow by sending a specially crafted network packet. A successful exploit of this vulnerability may lead to arbitrary code execution, denial of service, information disclosure, and data tampering.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Nvidia	Dgx A100 Dgx A100 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:nvidia:dgx_a100_firmware:*:*:*:*:bmc:*:*:*

cpe:2.3:h:nvidia:dgx_a100:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://nvidia.custhelp.com/app/answers/detail/a_id/5510

History

No history.

MITRE

Status: PUBLISHED

Assigner: nvidia

Published: 2024-01-12T18:31:32.801Z

Updated: 2024-08-02T14:45:25.582Z

Reserved: 2023-04-22T02:38:33.413Z

Link: CVE-2023-31029

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2024-01-12T19:15:09.847

Modified: 2024-01-18T20:50:53.507

Link: CVE-2023-31029

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-31029", "assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6", "state": "PUBLISHED", "assignerShortName": "nvidia", "dateReserved": "2023-04-22T02:38:33.413Z", "datePublished": "2024-01-12T18:31:32.801Z", "dateUpdated": "2024-08-02T14:45:25.582Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "DGX A100", "vendor": "nvidia", "versions": [{"status": "affected", "version": "All BMC versions prior to 00.22.05"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": true, "type": "text/html", "value": "NVIDIA DGX A100 baseboard management controller (BMC) contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a stack overflow by sending a specially crafted network packet. A successful exploit of this vulnerability may lead to arbitrary code execution, denial of service, information disclosure, and data tampering."}], "value": "NVIDIA DGX A100 baseboard management controller (BMC) contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a stack overflow by sending a specially crafted network packet. A successful exploit of this vulnerability may lead to arbitrary code execution, denial of service, information disclosure, and data tampering."}], "impacts": [{"descriptions": [{"lang": "en", "value": "Code execution, denial of service, information disclosure and data tampering"}]}], "metrics": [{"cvssV3_1": {"baseScore": 9.3, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-121", "description": "CWE-121", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6", "shortName": "nvidia", "dateUpdated": "2024-01-12T18:31:32.801Z"}, "references": [{"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5510"}], "source": {"discovery": "UNKNOWN"}, "title": "CVE"}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T14:45:25.582Z"}, "title": "CVE Program Container", "references": [{"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5510", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:nvidia:dgx_a100_firmware:*:*:*:*:bmc:*:*:*", "matchCriteriaId": "866DDFEC-0CB8-4152-B36E-A358497AA4D0", "versionEndExcluding": "00.22.05", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:nvidia:dgx_a100:-:*:*:*:*:*:*:*", "matchCriteriaId": "8807CB65-5F49-42E8-B5D8-36943418ADB9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "NVIDIA DGX A100 baseboard management controller (BMC) contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a stack overflow by sending a specially crafted network packet. A successful exploit of this vulnerability may lead to arbitrary code execution, denial of service, information disclosure, and data tampering."}, {"lang": "es", "value": "El controlador de administraci\u00f3n de placa base (BMC) NVIDIA DGX A100 contiene una vulnerabilidad en el daemon KVM del host, donde un atacante no autenticado puede causar un desbordamiento de pila al enviar un paquete de red especialmente manipulado. Una explotaci\u00f3n exitosa de esta vulnerabilidad puede provocar la ejecuci\u00f3n de c\u00f3digo arbitrario, denegaci\u00f3n de servicio, divulgaci\u00f3n de informaci\u00f3n y manipulaci\u00f3n de datos."}], "id": "CVE-2023-31029", "lastModified": "2024-01-18T20:50:53.507", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 9.3, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 6.0, "source": "psirt@nvidia.com", "type": "Secondary"}]}, "published": "2024-01-12T19:15:09.847", "references": [{"source": "psirt@nvidia.com", "tags": ["Vendor Advisory"], "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5510"}], "sourceIdentifier": "psirt@nvidia.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-121"}], "source": "psirt@nvidia.com", "type": "Secondary"}]}