CVE-2024-0115

Published Aug 12, 2024

Last updated 2 months ago

CVSS medium 6.1

Overview

Description: NVIDIA CV-CUDA for Ubuntu 20.04, Ubuntu 22.04, and Jetpack contains a vulnerability in Python APIs where a user may cause an uncontrolled resource consumption issue by a long running CV-CUDA Python process. A successful exploit of this vulnerability may lead to denial of service and data loss.
Source: psirt@nvidia.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 6.1
Impact score: 4.2
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
Severity: MEDIUM

Weaknesses

psirt@nvidia.com: CWE-400
nvd@nist.gov: NVD-CWE-noinfo

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:nvidia:cv-cuda:0.1.0:prealpha:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B1799F50-62F3-4E38-80F4-A5E8991AD945"
          },
          {
            "criteria": "cpe:2.3:a:nvidia:cv-cuda:0.2.0:alpha:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ADC7DACB-A6D5-4C2F-B222-1409FAE3D669"
          },
          {
            "criteria": "cpe:2.3:a:nvidia:cv-cuda:0.2.1:alpha:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6A452C07-2073-4BB3-AC27-0D085E33602C"
          },
          {
            "criteria": "cpe:2.3:a:nvidia:cv-cuda:0.3.0:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FADC39DA-E1EA-469F-9252-9B7623E4751C"
          },
          {
            "criteria": "cpe:2.3:a:nvidia:cv-cuda:0.3.1:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BE1D5C25-23E3-48E2-8327-7DB5853D1B18"
          },
          {
            "criteria": "cpe:2.3:a:nvidia:cv-cuda:0.4.0:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "60F7EA28-6914-47C0-B2AB-8098F90B5565"
          },
          {
            "criteria": "cpe:2.3:a:nvidia:cv-cuda:0.5.0:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "44F77894-6314-41AE-B0AE-3AAFF9136D8E"
          },
          {
            "criteria": "cpe:2.3:a:nvidia:cv-cuda:0.6.0:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F330EE75-02EC-46D1-B9DE-C960ACD2F260"
          },
          {
            "criteria": "cpe:2.3:a:nvidia:cv-cuda:0.7.0:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "898D3460-EEB8-47AD-9386-FF005DF3F48C"
          },
          {
            "criteria": "cpe:2.3:a:nvidia:cv-cuda:0.8.0:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FE6B69A1-18DC-49C0-87DC-3A81453361E4"
          },
          {
            "criteria": "cpe:2.3:a:nvidia:cv-cuda:0.9.0:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "14704CB7-BE26-4233-BC7A-0EC4CB99F388"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:nvidia:jetpack_software_development_kit:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E1118D1E-AC16-4B3E-9F8A-23ED964FD806"
          },
          {
            "criteria": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "902B8056-9E37-443B-8905-8AA93E2447FB"
          },
          {
            "criteria": "cpe:2.3:o:canonical:ubuntu_linux:22.04:*:*:*:lts:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "359012F1-2C63-415A-88B8-6726A87830DE"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References