CVE-2024-0116 — Out-of-bounds Read in Nvidia Triton Inference Server

CWE-125 — Out-of-bounds Read4 documents4 sources

Severity

6.5MEDIUMNVD

CNA4.9

EPSS

0.2%

top 56.71%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Nvidia Triton Inference Server

Timeline

PublishedOct 1

Description

NVIDIA Triton Inference Server contains a vulnerability where a user may cause an out-of-bounds read issue by releasing a shared memory region while it is in use. A successful exploit of this vulnerability may lead to denial of service.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

▶NVDnvidia/triton_inference_server19.11 — 24.09

▶CVEListV5nvidia/triton_inference_serverv19.11 through v24.08

🔴Vulnerability Details

GHSA

GHSA-cp7p-92pj-7g7p: NVIDIA Triton Inference Server contains a vulnerability where a user may cause an out-of-bounds read issue by releasing a shared memory region while i↗2024-10-01

▶

CVEList

CVE-2024-0116: NVIDIA Triton Inference Server contains a vulnerability where a user may cause an out-of-bounds read issue by releasing a shared memory region while i↗2024-10-01

▶

📋Vendor Advisories

Red Hat

triton: Denial of service↗2024-10-01

▶