Tensorrt
Monthly
Code execution in NVIDIA TensorRT is possible when the SDK processes a maliciously crafted input that overflows a heap-based buffer (CWE-122), corrupting adjacent heap memory. The flaw affects the TensorRT deep-learning inference library and requires a local user to load attacker-supplied content, per the AV:L/UI:R CVSS vector; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. Successful exploitation yields full loss of confidentiality, integrity, and availability (C:H/I:H/A:H) in the context of the process running the inference job.
Local code execution in NVIDIA TensorRT is possible when the library parses an attacker-supplied input (such as a crafted model/engine file), triggering a heap-based buffer overflow (CWE-122) that can corrupt memory and lead to arbitrary code execution in the context of the process using TensorRT. The CVSS 3.1 vector (AV:L/UI:R) indicates the attacker needs local access and must induce a user or application to load malicious content, and there is no public exploit identified at time of analysis. TensorRT is NVIDIA's deep-learning inference SDK, so the affected population is developers, MLOps pipelines, and inference servers that load third-party or untrusted models.
Improper array index validation (CWE-129) in NVIDIA TensorRT allows an attacker to trigger out-of-bounds memory access that may lead to arbitrary code execution when a victim processes malicious input on the local host. The CVSS 3.1 vector (AV:L/UI:R) indicates the target must actively load attacker-controlled content, so exploitation hinges on tricking a user or automated pipeline into ingesting a crafted model or input file. There is no public exploit identified at time of analysis and the CVE is not in CISA KEV, but with high confidentiality, integrity, and availability impact this is a meaningful priority for AI/ML inference environments.
NVIDIA TensorRT for contains a vulnerability where a user might cause a deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution.
Code execution in NVIDIA TensorRT is possible when the SDK processes a maliciously crafted input that overflows a heap-based buffer (CWE-122), corrupting adjacent heap memory. The flaw affects the TensorRT deep-learning inference library and requires a local user to load attacker-supplied content, per the AV:L/UI:R CVSS vector; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. Successful exploitation yields full loss of confidentiality, integrity, and availability (C:H/I:H/A:H) in the context of the process running the inference job.
Local code execution in NVIDIA TensorRT is possible when the library parses an attacker-supplied input (such as a crafted model/engine file), triggering a heap-based buffer overflow (CWE-122) that can corrupt memory and lead to arbitrary code execution in the context of the process using TensorRT. The CVSS 3.1 vector (AV:L/UI:R) indicates the attacker needs local access and must induce a user or application to load malicious content, and there is no public exploit identified at time of analysis. TensorRT is NVIDIA's deep-learning inference SDK, so the affected population is developers, MLOps pipelines, and inference servers that load third-party or untrusted models.
Improper array index validation (CWE-129) in NVIDIA TensorRT allows an attacker to trigger out-of-bounds memory access that may lead to arbitrary code execution when a victim processes malicious input on the local host. The CVSS 3.1 vector (AV:L/UI:R) indicates the target must actively load attacker-controlled content, so exploitation hinges on tricking a user or automated pipeline into ingesting a crafted model or input file. There is no public exploit identified at time of analysis and the CVE is not in CISA KEV, but with high confidentiality, integrity, and availability impact this is a meaningful priority for AI/ML inference environments.
NVIDIA TensorRT for contains a vulnerability where a user might cause a deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution.