Out-of-Bounds Write Vulnerability in NVIDIA nvJPEG2000 Library
CVE-2024-0142

6.8MEDIUM

Key Information:

Vendor: Nvidia
Status: Nvjpeg2000
Vendor: CVE Published:; 12 February 2025

What is CVE-2024-0142?

The NVIDIA nvJPEG2000 library has a security flaw that allows an attacker to perform an out-of-bounds write operation via a specially crafted JPEG2000 file. If successfully exploited, this vulnerability may enable attackers to execute arbitrary code and manipulate data, potentially compromising the integrity and security of the system.

Affected Version(s)

nvJPEG2000 Linux x86_64 0.8.0

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5596

CVSS V3.1

Score:

6.8

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 12, 2025
Vulnerability Reserved
Dec 2, 2023

Nvidia

What is CVE-2024-0142?

Affected Version(s)

References

CVSS V3.1

Timeline