Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
NVIDIA DCGM, all versions prior to 2.2.9, contains a vulnerability in the DIAG module where any user can inject shared libraries into the DCGM server, which is usually running as root, which may lead to privilege escalation, total loss of confidentiality and integrity, and complete denial of service.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
N/A
Vulnerability Title
Nvidia DCGM 代码注入漏洞
Vulnerability Description
Nvidia DCGM是美国英伟达(Nvidia)公司的一套工具,用于在集群环境中管理和监控 NVIDIA 数据中心 GPU。 NVIDIA DCGM 在 DIAG 模块中存在代码注入漏洞,该漏洞源于任何用户都可以将共享库注入 DCGM 服务器,而该服务器通常以 root 身份运行。这可能导致权限提升、机密性和完整性完全丧失以及完全拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A