Triton Inference Server
CVE-2024-0088
HIGH
Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
NVIDIA Triton Inference Server for Linux contains a vulnerability in shared memory APIs, where a user can cause an improper memory access issue by a network API. A successful exploit of this vulnerability might lead to denial of service and data tampering.
AnalysisAI
NVIDIA Triton Inference Server for Linux contains a vulnerability in shared memory APIs, where a user can cause an improper memory access issue by a network API. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Buffer Overflow (CWE-119), which allows attackers to corrupt memory to execute arbitrary code or crash the application. NVIDIA Triton Inference Server for Linux contains a vulnerability in shared memory APIs, where a user can cause an improper memory access issue by a network API. A successful exploit of this vulnerability might lead to denial of service and data tampering. Affected products include: Nvidia Triton Inference Server.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Use memory-safe languages or bounds-checking. Enable ASLR, DEP/NX, stack canaries. Use safe string functions.
More in Triton Inference Server
View allNVIDIA Triton Inference Server for Linux contains a vulnerability where a user can set the logging location to an arbitr
NVIDIA Triton Inference Server for Linux contains a vulnerability in the tracing API, where a user can corrupt system fi
Denial of service in NVIDIA Triton Inference Server for Linux allows remote unauthenticated attackers to exhaust server
Denial of service in NVIDIA Triton Inference Server for Linux (versions through 26.03) allows a remote attacker to crash
Denial of service in NVIDIA Triton Inference Server for Linux stems from a stack-based buffer overflow (CWE-121) reachab
Denial of service in NVIDIA Triton Inference Server for Linux allows a remote, unauthenticated attacker to disrupt avail
Denial of service in NVIDIA Triton Inference Server on Linux allows remote unauthenticated attackers to exhaust host mem
Denial of service in NVIDIA Triton Inference Server on Linux allows remote unauthenticated attackers to crash the servic
Denial of service in NVIDIA Triton Inference Server for Linux lets remote unauthenticated attackers exhaust server resou
NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where, when it is launched with the non-de
NVIDIA Triton Server for Linux contains a vulnerability where an attacker may cause an improper validation of specified
NVIDIA Triton Inference Server contains a vulnerability where an attacker may cause an improper check for unusual or exc
Same weakness CWE-119 – Buffer Overflow
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today