CVSS3 Metric | Value |
---|---|
Attack Vector | NETWORK |
Attack Complexity | LOW |
Privileges Required | LOW |
User Interaction | NONE |
Scope | UNCHANGED |
Confidentiality Impact | HIGH |
Integrity Impact | HIGH |
Availability Impact | HIGH |

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Percentile: 23.6%

NVIDIA has released a software update for NVIDIA Triton Inference Server to address the issue disclosed in this bulletin. This issue affects only nondefault deployments that enable dynamic model loading through the model control APIs by using the command line option **--model-control explicit**. Deployments that use default settings are **not** affected. To protect your system, install the latest release from the Triton Inference Server Releases page on GitHub, and view the Secure Deployment Considerations Guide.
The following tables list the NVIDIA systems affected, firmware versions affected, and the updated version that includes this security update.
CVE IDs Addressed | Affected Product(s) | Platform/OS | Affected Version(s) | Updated Version |
---|---|---|---|---|
CVE-2023-31036 | Triton Inference Server | Windows, Linux | All versions prior to 2.40 | 2.40 |

The following items were made available in the development branch on November 10, 2023 and are available in the release branch on December 4, 2023.

- Updated software that behaves as follows:
  - Provides the ability to restrict the HTTP endpoint of the model load API
  - Prevents the model load API from accessing directories outside the model directory
- A Secure Deployment Considerations Guide intended to provide some key points and best practices that users deploying Triton based solutions should consider.
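
The second behavior above, keeping file access inside the model directory, comes down to checking the resolved location of a requested path rather than its text. The following is an added illustration of that kind of check, not code from Triton or from NVIDIA; the names `resolve_in_model_dir`, `OutsideModelDirectory` and `check_samples`, and the directory layout, are constructed for the example.

```python
import os
import tempfile
from pathlib import Path


class OutsideModelDirectory(ValueError):
    """The requested path resolves to a location outside the model directory."""


def resolve_in_model_dir(model_dir, requested):
    """Return the real path of `requested` if it stays inside `model_dir`."""
    root = Path(model_dir).resolve(strict=True)
    # An absolute path would replace the root when joined, so refuse it outright.
    if os.path.isabs(requested):
        raise OutsideModelDirectory(requested)
    # resolve() collapses ".." and follows symlinks, so the comparison below
    # is made on the location that would actually be opened.
    candidate = (root / requested).resolve()
    # Compare path components, not string prefixes ("models_backup" vs "models").
    if candidate != root and root not in candidate.parents:
        raise OutsideModelDirectory(requested)
    return candidate


def check_samples():
    """Run the check over a constructed directory layout; True means allowed."""
    with tempfile.TemporaryDirectory() as tmp:
        models = Path(tmp, "models")
        backup = Path(tmp, "models_backup")  # sibling sharing the name prefix
        (models / "resnet" / "1").mkdir(parents=True)
        backup.mkdir()
        os.symlink(backup, models / "link")  # symlink leading out of the root
        samples = [
            "resnet/1/model.onnx",            # inside the model directory
            "resnet/../resnet/1/model.onnx",  # ".." that stays inside
            "../models_backup/weights.bin",   # ".." into the sibling
            "link/weights.bin",               # escapes through the symlink
            str(backup / "weights.bin"),      # absolute path
        ]
        results = {}
        for requested in samples:
            try:
                resolve_in_model_dir(models, requested)
                results[requested] = True
            except OutsideModelDirectory:
                results[requested] = False
        return results
```

The sibling directory and the symlink are the two cases a plain string-prefix comparison on the unresolved path lets through.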
NVIDIA thanks l1k3beef @ tencent-zhuquelab for reporting issue CVE-2023-31036.