Buffer Overflow Vulnerability in NVIDIA nvJPEG2000 Library
CVE-2024-0144

6.8MEDIUM

Key Information:

Vendor: Nvidia
Status: Nvjpeg2000
Vendor: CVE Published:; 12 February 2025

Summary

The NVIDIA nvJPEG2000 library is susceptible to a buffer overflow vulnerability that can be triggered by specially crafted JPEG2000 files. Malicious actors can exploit this flaw to perform unauthorized data manipulation, potentially leading to further security issues. It is crucial for users reliant on NVIDIA products to ensure that they are using updated versions to mitigate risks associated with this vulnerability.

Affected Version(s)

nvJPEG2000 Linux x86_64 0.8.0

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5596

CVSS V3.1

Score:

6.8

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Feb 12, 2025
Vulnerability Reserved
Dec 2, 2023