Advisory

NVIDIA patches critical flaws in Triton AI Server

Take action: If you are running NVIDIA Triton Inference Server, schedule a patch cycle. These are not the most critical of issues, but it is still wise to keep the server on a regular update cadence.


Learn More

NVIDIA has recently addressed two critical vulnerabilities in its widely used Triton Inference Server, a key component of the company's AI platform.

Vulnerability details

  • CVE-2024-0087 (CVSS score: 9) - This vulnerability is an arbitrary file write flaw in the Triton Server's log configuration interface. An attacker could exploit it to write malicious code or scripts into sensitive system files, such as /root/.bashrc or /etc/environment.
  • CVE-2024-0088 (CVSS score: 5.5) - This vulnerability stems from inadequate parameter validation in Triton Server's shared memory handling. Clients can register shared memory and specify the addresses of input parameters and output results using the shared_memory_offset and shared_memory_byte_size parameters. Because these parameters are not validated, a client can trigger writes to arbitrary addresses, potentially causing memory data leakage, program crashes, or arbitrary code execution.
  • CVE-2024-0100 (CVSS score: 6.5) - This medium-severity vulnerability in the tracing API of the Triton Inference Server allows a user to corrupt system files. Successful exploitation could lead to denial of service (DoS) and data tampering.
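The two flaws above share a root cause: a client-supplied value is used without being checked against the bounds the server actually registered. The following added example (written for this advisory, not Triton's own code) shows the two defensive checks a server-side reviewer would look for: an overflow-safe range check for a shared-memory access described by an offset and byte size (the CVE-2024-0088 class), and a lexical confinement check that rejects a log file path escaping the configured log directory (the CVE-2024-0087 class). The `ShmRegion` struct, the function names, and the `/var/log/triton` directory are assumptions constructed for the illustration.

```cpp
// Added example: bounds checks for client-supplied shared-memory parameters and
// a log-path confinement check. Not Triton's code; requires C++17 (<filesystem>).
#include <cstddef>
#include <cstdint>
#include <filesystem>
#include <string>

// Hypothetical record of a shared-memory region a client registered
// (constructed for this example, not Triton's data structure).
struct ShmRegion {
    std::string name;
    std::size_t byte_size;   // total size of the registered region
};

// Returns true only if [offset, offset + byte_size) lies entirely inside the
// registered region. The naive check `offset + byte_size <= region.byte_size`
// can wrap around in size_t arithmetic and accept an out-of-bounds request, so
// the comparison is done by subtraction instead of addition.
bool validate_shm_access(const ShmRegion& region, std::size_t offset,
                         std::size_t byte_size) {
    if (offset > region.byte_size) return false;          // offset past the end
    return byte_size <= region.byte_size - offset;        // no wrap-around possible
}

// Returns true only if `requested` normalizes to a file strictly inside
// `log_dir`. The check is purely lexical (no symlink resolution); in production
// the file should additionally be opened relative to a directory descriptor or
// with O_NOFOLLOW so a symlink inside the directory cannot redirect the write.
bool log_path_is_confined(const std::filesystem::path& log_dir,
                          const std::string& requested) {
    namespace fs = std::filesystem;
    fs::path base = log_dir.lexically_normal();
    if (!base.has_filename()) base = base.parent_path();  // drop trailing '/'

    // An absolute `requested` replaces `base` in operator/, and ".." segments
    // are collapsed by lexically_normal, so both escapes surface here.
    fs::path candidate = (base / requested).lexically_normal();
    if (!candidate.has_filename()) return false;          // "", ".", "dir/" etc.

    auto b = base.begin();
    auto c = candidate.begin();
    for (; b != base.end(); ++b, ++c) {
        if (c == candidate.end() || *b != *c) return false; // diverges from base
    }
    return c != candidate.end();  // must have at least one component below base
}
```

Usage: call `validate_shm_access` before every read or write that a request addresses via `shared_memory_offset` / `shared_memory_byte_size`, and `log_path_is_confined` before honoring any log-file setting supplied through an administrative API; both reject the `/root/.bashrc`-style traversal and the oversized-offset cases named in the advisory.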

A proof-of-concept (PoC) has been published by the Google research team.

NVIDIA has released updates to address these vulnerabilities. Organizations using Triton Inference Server are urged to apply these updates.
