CVE-2024-0122: About design weakness in NVIDIA Delegated Licensing Service (21nd Nov 2024)

Preface: NVIDIA Delegated License Service (DLS) is a component of NVIDIA License System that serves licenses to licensed clients. A DLS instance is hosted on-premises at a location that is accessible from your private network, such as inside your data center.

Background: For deployment in a virtual machine, the Delegated License Server (DLS) component of the NVIDIA License System is supplied as a virtual appliance. The virtual appliance must be installed on a supported hypervisor software release.

The following hypervisor software releases are supported:

Citrix Hypervisor 8.2

Linux Kernel-based Virtual Machine (KVM) hypervisors with one of the following QEMU releases:

QEMU 4.2.0

QEMU 2.12.0 (qemu-kvm-2.12.0-64.el8.2.27782638)

Microsoft Windows Server with Hyper-V 2019 Datacenter edition

Red Hat Enterprise Linux Kernel-based Virtual Machine (KVM) 9.2, 9.1, 9.0, and 8.8

Red Hat Virtualization 4.3

Ubuntu Hypervisor 22.04

VMware vSphere Hypervisor (ESXi) ) 8.0.3, 8.0.2, 8.0.1, 8.0, 7.0.3, 7.0.2, and 7.0.1

Supported Container Orchestration Platforms

For deployment on a supported container orchestration platform, the Delegated License Server (DLS) component of the NVIDIA License System is supplied as a containerized software image.

The following container orchestration platform releases are supported:

Docker 27.1.1 with Docker Compose 2.29.1

Kubernetes 1.23.8

Red Hat OpenShift Container Platform 4.10.67 with Kubernetes 1.23.17

Podman 4.4.2 with Podman Compose 1.0.7

VMware Tanzu Application Platform 1.1 with Kubernetes 1.23.6

Vulnerability details: CVE-2024-0122 – NVIDIA Delegated Licensing Service for all appliance platforms contains a vulnerability where an attacker may cause an unauthorized action. A successful exploit of this vulnerability may lead to partial denial of service and confidential information disclosure.

Official announcement: Please refer to the link for details

https://nvidia.custhelp.com/app/answers/detail/a_id/5570

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.