Denial of Service Vulnerability in NVIDIA Cumulus Linux
CVE-2023-25526

6.5MEDIUM

Key Information:

Vendor: Nvidia
Status: Cumulus Linux
Vendor: CVE Published:; 20 September 2023

Summary

NVIDIA Cumulus Linux is susceptible to a denial of service vulnerability due to issues in the neighmgrd and nlmanager components. An attacker within the same local network can exploit this flaw by sending a specially crafted packet, which may lead to an uncaught exception. If successful, the exploitation of this vulnerability could disrupt network services and impact the availability of affected systems.

Affected Version(s)

Cumulus Linux All versions prior to 5.5.0

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5480

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 20, 2023
Vulnerability Reserved
Feb 7, 2023