DGX Station A100 System Firmware Changes

This chapter contains the list of changes for the following DGX Station A100 firmware components.

DGX Station A100 BMC Changes

This is a list of the changes to the BMC for DGX Station A100.

Changes in 2.09.00

  • This update removes the pump (fan 6) speed control from the BMC and locks the pump pulse-width modulation (PWM) to 40 percent.

  • The BMC update includes software security enhancements. Refer to NVIDIA Security Bulletin DGX for details.

  • The following table lists potential security vulnerabilities that have been reported by AMI or third-party vendors. They are addressed in DGX Station A100 BMC version 2.09.00.

    • Affected BMC versions: All BMC versions prior to 2.09.00

    • Updated BMC version: 2.09.00

    • Firmware container version: 24.1.1

    CVE IDs Addressed

    Vendor (per NVD)
    CVE-2022-26872
    CVE-2022-40258
    CVE-2023-28863
    CVE-2023-34472
    CVE-2023-34329
    CVE-2023-34471
    CVE-2023-34473
    CVE-2023-34337

    AMI
    CVE-2023-25191
    CVE-2023-25192
    CVE-2023-28863

    MITRE
    CVE-2021-46279
    CVE-2021-4228

    Nozomi Networks Inc.

Changes in 2.01.01

  • The BMC update includes a change that prevents the BMC from controlling the coolant pump, also referred to as fan 6. The pump pulse-width modulation (PWM) is set to 40%. This change prevents the pump from failing due to cycling between low speed and high speed.

Changes in 2.01.00

DGX Station A100 SBIOS Changes

This is a list of the changes to the SBIOS for DGX Station A100.

Changes in 10.20

  • The SBIOS update includes software security enhancements. Refer to NVIDIA Security Bulletin DGX for details.

  • The following table lists potential security vulnerabilities that have been reported by AMI or AMD. They are addressed in DGX A100 Station SBIOS version 10.20.

    • Affected SBIOS versions: All SBIOS versions prior to 10.20

    • Updated SBIOS version: 10.20

    • Firmware container version: 24.1.1

    CVE IDs Addressed

    Vendor (per NVD)
    CVE-2021-26316
    CVE-2021-39298
    CVE-2021-26402
    CVE-2022-23813
    CVE-2022-23814
    CVE-2021-26328
    CVE-2020-10713
    CVE-2020-34302
    CVE-2020-34303
    CVE-2017-5715
    CVE-2021-38578
    CVE-2021-30004
    CVE-2023-28005
    CVE-2021-33164
    CVE-2014-4860
    CVE-2014-4859
    CVE-2021-38575
    CVE-2019-14586
    CVE-2019-14559
    CVE-2019-14584
    CVE-2019-14563
    CVE-2019-14553
    CVE-2019-14587
    CVE-2021-38576

    AMI
    CVE-2020-12954
    CVE-2020-12961
    CVE-2021-26331
    CVE-2021-46771
    CVE-2021-26335
    CVE-2021-26315
    CVE-2020-12946
    CVE-2021-26353
    CVE-2021-26352
    CVE-2021-26351
    CVE-2021-26337
    CVE-2021-26338
    CVE-2020-12951
    CVE-2021-26390
    CVE-2021-26370
    CVE-2020-12944
    CVE-2021-26332
    CVE-2020-12988
    CVE-2021-26329
    CVE-2021-26330
    CVE-2021-26321
    CVE-2021-26323
    CVE-2021-26324
    CVE-2021-26325
    CVE-2021-26326
    CVE-2021-26322
    CVE-2021-26327
    CVE-2021-26312
    CVE-2021-26408

    AMD

Changes in 10.16

  • Fixed the issue where the ECC Leaky Bucket Threshold help string mentions that the range is 0 to 255, but the default value of this option is actually 1000.