Denial of Service Vulnerability in NVIDIA High-Speed NIC Firmware
CVE-2023-0204

6.5MEDIUM

Key Information:

Vendor: Nvidia
Status: Nvidia Connectx Firmware
Vendor: CVE Published:; 22 April 2023

Summary

The NVIDIA ConnectX-5, ConnectX-6, and ConnectX-6 DX NIC firmware is susceptible to a vulnerability that allows an unprivileged user to improperly manage exceptional conditions. This mismanagement could result in the denial of service, causing disruptions in network functionality and impacting overall system performance.

Affected Version(s)

NVIDIA ConnectX Firmware All versions prior to 35.1012

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5459

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Apr 22, 2023
Vulnerability Reserved
Jan 11, 2023