CVE-2023-25519
published 2023-09-12CVE-2023-25519: NVIDIA ConnectX Host Firmware for the BlueField Data Processing Unit contains a vulnerability where a restricted host may cause an incorrect user management…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
NVIDIA ConnectX Host Firmware for the BlueField Data Processing Unit contains a vulnerability where a restricted host may cause an incorrect user management error. A successful exploit of this vulnerability may lead to escalation of privileges.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| nvidia | bluefield_1 | — | — |
| nvidia | bluefield_1_firmware | >= 18.24.1000 | — |
| nvidia | bluefield_2_ga | — | — |
| nvidia | bluefield_2_ga_firmware | < 24.38.1002 | 24.38.1002 |
| nvidia | bluefield_2_lts | — | — |
| nvidia | bluefield_2_lts_firmware | < 24.35.3006 | 24.35.3006 |
| nvidia | bluefield_3_ga | — | — |
| nvidia | bluefield_3_ga_firmware | < 32.38.1002 | 32.38.1002 |