Imechapishwa: May 03, 2024 06:33
Advisory No: TZCERT/SA/2024/05/02-1
Source: NVIDIA
Software Affected: NVIDIA Triton Inference Server for Linux
NVIDIA Triton Inference Server for Linux contains a vulnerability where a user can set the logging location to an arbitrary file that may result in compromise of confidentiality, integrity, and availability of the server.
Rated with a 9.0 score, this vulnerability is tracked as CVE-2024-0087. This vulnerability impacts NVIDIA’s Triton Inference server for Linux allowing attackers to execute code in the affected server. The vulnerability allows a user to set a logging location to an arbitrary file which can then be misused to infect the server.
Successful exploitation of this vulnerability may allow an attacker to take control of the affected system.
NVIDIA has released security patches for this vulnerability. Users and administrators are encouraged to apply necessary updates.
A digest of Tanzania Computer Emergency Response Team coverage of cyber-security news across the globe.