Arbitrary File Write Vulnerability in NVIDIA Triton Inference Server for Linux Could Lead to Code Execution, Denial of Service, and More
CVE-2024-0087

9CRITICAL

Key Information:

Vendor: Nvidia
Status: Nvidia Triton Inference Server
Vendor: CVE Published:; 14 May 2024

What is CVE-2024-0087?

The NVIDIA Triton Inference Server for Linux has a vulnerability that permits a user to direct log output to an arbitrary file location. This capability can lead to the unintentional overwriting of existing log files if they are present, which can result in various security risks. Subsequent exploitation may allow for unauthorized code execution, denial of service, and unauthorized access to sensitive information, increasing the opportunity for data tampering and privilege escalation. This vulnerability emphasizes the importance of careful log file management and security configurations to mitigate potential threats.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

NVIDIA Triton Inference Server 22.09 to 24.03

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5535

CVSS V3.1

Score:

Severity:

CRITICAL

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
May 14, 2024
Vulnerability Reserved
Dec 2, 2023

JSON

Nvidia

What is CVE-2024-0087?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.