A huge collection of 3400+ free website templates JAR theme com WP themes and more at the biggest community-driven free web design site
Home / security-advisories / Code Execution Vulnerability on NVIDIA Triton Inference Server for Linux (CVE-2024-0087)

Code Execution Vulnerability on NVIDIA Triton Inference Server for Linux (CVE-2024-0087)

Advisory No: TZCERT/SA/2024/05/02-1

Date of First Release: 2nd May 2024

Source: NVIDIA

Software Affected: NVIDIA Triton Inference Server for Linux

Overview:

NVIDIA Triton Inference Server for Linux contains a vulnerability where a user can set the logging location to an arbitrary file that may result in compromise of confidentiality, integrity, and availability of the server.

Description:

Rated with a 9.0 score, this vulnerability is tracked as CVE-2024-0087. This vulnerability impacts NVIDIA’s Triton Inference server for Linux allowing attackers to execute code in the affected server. The vulnerability allows a user to set a logging location to an arbitrary file which can then be misused to infect the server.

Impact:

Successful exploitation of this vulnerability may allow an attacker to take control of the affected system.

Solution:

NVIDIA has released security patches for this vulnerability. Users and administrators are encouraged to apply necessary updates.

References:

  1. https://nvidia.custhelp.com/app/answers/detail/a_id/5535
  2. https://vulners.com/nvidia/NVIDIA:5535

Check Also

Remote Code Execution Vulnerabilities in IBM Operational Decision Manager, and IBM i Modernization Engine for Lifecycle Integration (CVE-2019-19919, CVE-2019-12384)

Advisory No: TZCERT/SA/2024/05/17-6 Date of First Release: 17th May 2024 Source: IBM Software Affected: IBM …