Skip to main content

Triton Inference Server CVE-2024-0088

HIGH
Buffer Overflow (CWE-119)
2024-05-14 psirt@nvidia.com
8.1
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
8.1 HIGH
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
May 14, 2024 - 14:39 nvd
HIGH 8.1

DescriptionNVD

NVIDIA Triton Inference Server for Linux contains a vulnerability in shared memory APIs, where a user can cause an improper memory access issue by a network API. A successful exploit of this vulnerability might lead to denial of service and data tampering.

AnalysisAI

NVIDIA Triton Inference Server for Linux contains a vulnerability in shared memory APIs, where a user can cause an improper memory access issue by a network API. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Buffer Overflow (CWE-119), which allows attackers to corrupt memory to execute arbitrary code or crash the application. NVIDIA Triton Inference Server for Linux contains a vulnerability in shared memory APIs, where a user can cause an improper memory access issue by a network API. A successful exploit of this vulnerability might lead to denial of service and data tampering. Affected products include: Nvidia Triton Inference Server.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Use memory-safe languages or bounds-checking. Enable ASLR, DEP/NX, stack canaries. Use safe string functions.

CVE-2024-0087 HIGH
8.8 May 14

NVIDIA Triton Inference Server for Linux contains a vulnerability where a user can set the logging location to an arbitr

CVE-2024-0100 HIGH
8.1 May 14

NVIDIA Triton Inference Server for Linux contains a vulnerability in the tracing API, where a user can corrupt system fi

CVE-2026-24264 HIGH
7.5 Jul 01

Denial of service in NVIDIA Triton Inference Server for Linux allows remote unauthenticated attackers to exhaust server

CVE-2026-24266 HIGH
7.5 Jul 01

Denial of service in NVIDIA Triton Inference Server for Linux (versions through 26.03) allows a remote attacker to crash

CVE-2026-47477 HIGH
7.5 Jul 14

Denial of service in NVIDIA Triton Inference Server for Linux stems from a stack-based buffer overflow (CWE-121) reachab

CVE-2026-47478 HIGH
7.5 Jul 14

Denial of service in NVIDIA Triton Inference Server for Linux allows a remote, unauthenticated attacker to disrupt avail

CVE-2026-47482 HIGH
7.5 Jul 14

Denial of service in NVIDIA Triton Inference Server on Linux allows remote unauthenticated attackers to exhaust host mem

CVE-2026-47480 HIGH
7.5 Jul 14

Denial of service in NVIDIA Triton Inference Server on Linux allows remote unauthenticated attackers to crash the servic

CVE-2026-47479 HIGH
7.5 Jul 14

Denial of service in NVIDIA Triton Inference Server for Linux lets remote unauthenticated attackers exhaust server resou

CVE-2023-31036 HIGH POC
7.5 Jan 12

NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where, when it is launched with the non-de

CVE-2025-33211 HIGH
7.5 Dec 03

NVIDIA Triton Server for Linux contains a vulnerability where an attacker may cause an improper validation of specified

CVE-2025-33201 HIGH
7.5 Dec 03

NVIDIA Triton Inference Server contains a vulnerability where an attacker may cause an improper check for unusual or exc

Share

CVE-2024-0088 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy