Multiple Security Vulnerabilities Found in NVIDIA DGX H100 System

In an era where Artificial Intelligence (AI) stands at the pinnacle of technological achievement, the NVIDIA DGX H100 System has rightfully earned its place as the foremost in handling AI infrastructure. Billed as the universal tool for all AI undertakings—from analytics to training and inference—this behemoth operates on the might of eight NVIDIA H100 Tensor Core GPUs.

But, every giant, however grand, has its vulnerabilities. The DGX H100 is no exception, as recent discoveries have highlighted.

A security audit has revealed multiple vulnerabilities in the system, which could be exploited by attackers to gain unauthorized access or take control of the system.

The vulnerabilities affect the baseboard management controller (BMC), which is a small computer that manages the hardware of the DGX H100 System. The BMC is accessible over the network, and the vulnerabilities allow attackers to send specially crafted packets that can cause a variety of problems, including:

1. CVE‑2023‑25528 (CVSS: 8.8) – A web server plugin flaw could cause a stack overflow, potentially leading to arbitrary code execution, data tampering, denial of service, and more.

2. CVE‑2023‑25533 & CVE‑2023‑31009 (CVSS: 8.3 for both) – The web UI and the REST service, respectively, may suffer from improper input validation. This vulnerability could result in information leaks, code execution, or even privilege escalation.

3. CVE‑2023‑25529 & CVE‑2023‑25530 (CVSS: 8.0 for both) – The host KVM daemon and the KVM service present threats where an attacker could potentially disclose data, tamper with it, or exploit it for privilege escalation.

4. CVE‑2023‑25527 (CVSS: 7.8) – A local attacker could exploit the host KVM daemon to corrupt kernel memory. The consequences? Denial of service, information disclosure, and even arbitrary kernel code execution.

5. CVE‑2023‑25531, CVE‑2023‑31008 & CVE‑2023‑25534 (CVSS scores ranging from 7.6 to 5.7) – IPMI vulnerabilities could lead to multiple security issues, from improper input validation to information leaks and potential code execution.

6. CVE‑2023‑31015, CVE‑2023‑31012 & CVE‑2023‑31013 (CVSS scores between 6.6 and 6.1) – REST service vulnerabilities present risks around improper authentication or input validation, potentially leading to information disclosure or privilege escalation.

7. CVE‑2023‑25532 -(CVSS: 6.5) – This IPMI flaw could lead exclusively to information disclosure.

8. CVE‑2023‑31011 (CVSS: 5.2) – Another REST service vulnerability threatens privilege escalation and information leaks.

All of the above issues affect versions prior to 23.08.18, with the latter version remaining unaffected.

While these vulnerabilities paint a somber picture, the NVIDIA DGX H100 remains a powerhouse in AI infrastructure. Its vulnerabilities serve as a crucial reminder that even the mightiest systems require rigorous scrutiny and continuous improvement.

If you’re running on a version predating 23.08.18, immediate action is warranted. Upgrade to version 23.08.18 to shield yourself from these vulnerabilities.