CVE-2025-23331
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-08-06
Last updated on: 2025-08-12
Assigner: NVIDIA Corporation
Description
Description
NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where a user could cause a memory allocation with excessive size value, leading to a segmentation fault, by providing an invalid request. A successful exploit of this vulnerability might lead to denial of service.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| nvidia | triton_inference_server | to 25.06 (exc) |
| microsoft | windows | * |
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-789 | The product allocates memory based on an untrusted, large size value, but it does not ensure that the size is within expected limits, allowing arbitrary amounts of memory to be allocated. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in NVIDIA Triton Inference Server for Windows and Linux allows a user to cause a memory allocation with an excessively large size by sending an invalid request. This can lead to a segmentation fault, which is a type of crash.
How can this vulnerability impact me? :
Exploiting this vulnerability can cause the NVIDIA Triton Inference Server to crash, resulting in a denial of service. This means the server could become unavailable or stop functioning properly.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70