Nvidia Bluefield Lts22 vulnerabilities

CVE-2025-23299 [MEDIUM] CWE-787 CVE-2025-23299: NVIDIA Bluefield and ConnectX contain a vulnerability in the management interface that could allow a NVIDIA Bluefield and ConnectX contain a vulnerability in the management interface that could allow a malicious actor with high privilege access to execute arbitrary code.

CVE-2025-23256 [HIGH] CWE-863 CVE-2025-23256: NVIDIA BlueField contains a vulnerability in the management interface, where an attacker with local NVIDIA BlueField contains a vulnerability in the management interface, where an attacker with local access could cause incorrect authorization to modify the configuration. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, and data tampering.

CVE-2024-0106 [HIGH] CWE-274 CVE-2024-0106: NVIDIA ConnectX Host Firmware for the BlueField Data Processing Unit (DPU) contains a vulnerability NVIDIA ConnectX Host Firmware for the BlueField Data Processing Unit (DPU) contains a vulnerability where an attacker may cause an improper handling of insufficient privileges issue. A successful exploit of this vulnerability may lead to denial of service, data tampering, and limited information disclosure.

CVE-2024-0105 [HIGH] CWE-274 CVE-2024-0105: NVIDIA ConnectX Firmware contains a vulnerability where an attacker may cause an improper handling o NVIDIA ConnectX Firmware contains a vulnerability where an attacker may cause an improper handling of insufficient privileges issue. A successful exploit of this vulnerability may lead to denial of service, data tampering, and limited information disclosure.