Lucene search

NvidiaVULNRICHMENT:CVE-2024-0115

HistoryAug 09, 2024 - 2:23 a.m.

CVE-2024-0115

2024-08-0902:23:48

CWE-400

nvidia

github.com

nvidia

cv-cuda

ubuntu

jetpack

vulnerability

python

denial of service

data loss

CVSS3

6.1

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

AI Score

6.8

Confidence

High

EPSS

Percentile

9.5%

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

NVIDIA CV-CUDA for Ubuntu 20.04, Ubuntu 22.04, and Jetpack contains a vulnerability in Python APIs where a user may cause an uncontrolled resource consumption issue by a long running CV-CUDA Python process. A successful exploit of this vulnerability may lead to denial of service and data loss.

CNA Affected

[
  {
    "vendor": "NVIDIA",
    "product": "NVIDIA CV-CUDA",
    "versions": [
      {
        "status": "affected",
        "version": "v0.1.x - v0.9.x"
      }
    ],
    "platforms": [
      "Ubuntu 20.04",
      "Ubuntu 22.04",
      "Jetpack"
    ],
    "defaultStatus": "unaffected"
  }
]

References

nvidia.custhelp.com/app/answers/detail/a_id/5560

CVSS3

6.1

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

AI Score

6.8

Confidence

High

EPSS

Percentile

9.5%

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

Related for VULNRICHMENT:CVE-2024-0115