Out-of-Bounds Write Vulnerability in NVIDIA nvJPEG2000 Library
CVE-2024-0142

6.8MEDIUM

Key Information:

Vendor: Nvidia
Status: Nvjpeg2000
Vendor: CVE Published:; 12 February 2025

Summary

The NVIDIA nvJPEG2000 library has a security flaw that allows an attacker to perform an out-of-bounds write operation via a specially crafted JPEG2000 file. If successfully exploited, this vulnerability may enable attackers to execute arbitrary code and manipulate data, potentially compromising the integrity and security of the system.

Affected Version(s)

nvJPEG2000 Linux x86_64 0.8.0

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5596

CVSS V3.1

Score:

6.8

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Feb 12, 2025
Vulnerability Reserved
Dec 2, 2023