NVIDIA:5509
Dec 19, 2023 - 12:00 a.m.

Security Bulletin: Triton Inference Server - December 2023

2023-12-19 00:00:00
nvidia.custhelp.com
18
nvidia
triton inference server
cve-2023-31036
dynamic model loading
secure deployment

CVSS3: 8.8
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score: 7.2
Confidence: Low

EPSS: 0.001
Percentile: 23.6%

NVIDIA has released a software update for NVIDIA Triton Inference Server to address the issue disclosed in this bulletin. This issue affects only nondefault deployments that enable dynamic model loading through the model control APIs by using the command line option --model-control explicit. Deployments that use default settings are not affected. To protect your system, install the latest release from the Triton Inference Server Releases page on GitHub, and view the Secure Deployment Considerations Guide.

Go to NVIDIA Product Security.

Security Updates

The following tables list the NVIDIA systems affected, firmware versions affected, and the updated version that includes this security update.

CVE IDs Addressed | Affected Product(s) | Platform/OS | Affected Version(s) | Updated Version
CVE-2023-31036 | Triton Inference Server | Windows, Linux | All versions prior to 2.40 | 2.40

Notes

  • This vulnerability affects only nondefault deployments that enable dynamic model loading through the model control APIs by using the command line option --model-control explicit. Deployments that use default settings are not affected.
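
The two conditions above (a version prior to 2.40 and explicit model control) can be checked mechanically across a fleet. The following is an added example, not NVIDIA's code: it classifies a deployment from its server version string and launch command line. The function names and sample command lines are constructed for illustration; the flag is matched both as the bulletin writes it (--model-control) and as Triton's command line spells it (--model-control-mode).

```python
import shlex

FIXED_VERSION = (2, 40)  # "Updated Version" in the bulletin's table
# Bulletin spelling and Triton CLI spelling of the model control option.
MODE_FLAGS = ("--model-control", "--model-control-mode")


def parse_version(text):
    """Turn '2.39.0' into (2, 39, 0) so that 2.9 compares lower than 2.40."""
    return tuple(int(part) for part in text.strip().lstrip("v").split("."))


def model_control_modes(cmdline):
    """Collect every model control mode given, in '--flag=value' or '--flag value' form."""
    args = shlex.split(cmdline)
    modes = []
    for i, arg in enumerate(args):
        name, has_value, value = arg.partition("=")
        if name not in MODE_FLAGS:
            continue
        if has_value:
            modes.append(value.lower())
        elif i + 1 < len(args):
            modes.append(args[i + 1].lower())
    return modes


def assess(version, cmdline):
    """Classify one deployment against the bulletin's affected conditions."""
    if parse_version(version)[:2] >= FIXED_VERSION:
        return "fixed-version"
    # Audit stance (assumption): any occurrence of 'explicit' counts as enabled.
    if "explicit" in model_control_modes(cmdline):
        return "affected"
    return "not-affected-config"


if __name__ == "__main__":
    # Constructed sample inventory: (server version, launch command line).
    inventory = [
        ("2.39.0", "tritonserver --model-repository=/models --model-control-mode=explicit"),
        ("2.9.0", "tritonserver --model-repository /models --model-control explicit"),
        ("2.39.0", "tritonserver --model-repository=/models"),
        ("2.40.0", "tritonserver --model-repository=/models --model-control-mode=explicit"),
    ]
    for version, cmdline in inventory:
        print(f"{version:8} {assess(version, cmdline):20} {cmdline}")
```

A "not-affected-config" result on a version prior to 2.40 only reflects the command line inspected; the bulletin's recommendation to install the latest release still applies.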

The following items were made available in the development branch on November 10, 2023 and are available in the release branch on December 4, 2023.

  • Updated software that behaves as follows:

    • Provides the ability to restrict the HTTP endpoint of the model load API

    • Prevents the model load API from accessing directories outside the model directory

  • A Secure Deployment Considerations Guide intended to provide some key points and best practices that users deploying Triton-based solutions should consider.

Acknowledgements

NVIDIA thanks l1k3beef @ tencent-zhuquelab for reporting issue CVE-2023-31036.
