CVE-2023-31024

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jan 12, 2024

Updated: Jan 18, 2024

CWE ID 121

CWE ID 787

Summary

CVE-2023-31024 is a newly disclosed vulnerability impacting the Baseboard Management Controller (BMC) of NVIDIA's DGX A100 system. The root cause lies within the host KVM daemon, which is susceptible to stack memory corruption upon receipt of a crafted network packet. This issue poses significant risks, as an unauthenticated attacker may exploit it to execute arbitrary code, cause a denial of service, disclose sensitive information, or tamper with data.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

NVIDIA

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/uG2Qjn
https://www.cve.org/CVERecord?id=CVE-2023-31024
https://nvd.nist.gov/vuln/detail/CVE-2023-31024

Back to Vulnerability Database

CVE-2023-31024

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations