Out-of-Bounds Write Vulnerability in NVIDIA nvJPEG2000 Library
CVE-2024-0143

6.8MEDIUM

Key Information:

Vendor: Nvidia
Status: Nvjpeg2000
Vendor: CVE Published:; 12 February 2025

Summary

The NVIDIA nvJPEG2000 library is susceptible to an out-of-bounds write vulnerability. This issue arises when an attacker manipulates a specially crafted JPEG2000 file, potentially leading to unauthorized code execution and data manipulation. Proper validation of input data is crucial to mitigating such vulnerabilities and ensuring application security.

Affected Version(s)

nvJPEG2000 Linux x86_64 0.8.0

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5596

CVSS V3.1

Score:

6.8

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Feb 12, 2025
Vulnerability Reserved
Dec 2, 2023