—–BEGIN PGP SIGNED MESSAGE—–

Hash: SHA256

Multiple Vulnerabilities in NVIDIA

Indian – Computer Emergency Response Team (https://www.cert-in.org.in)

Severity Rating: HIGH

Software Affected

Triton inference server all versions prior to r26.02

NVIDIA DALI all versions prior to 2.0

Overview

Multiple vulnerabilities have been reported in NVIDIA, which could allow an attacker to execute arbitrary code or cause denial of service (DoS) condition on the targeted system.

Target Audience:

Individuals and IT administrators, security teams responsible for maintaining and updating NVIDIA products.

Risk Assessment:

Risk of Remote code execution, or Disruption of services.

Impact Assessment:

Potential compromise of system, service of disruption and unauthorized access to sensitive information.

Description

Multiple vulnerabilities exist in NVIDIA products due to improper input validation or deserialization of untrusted data. An attacker could exploit these vulnerabilities by sending a specially crafted request on the targeted system.

Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code or cause denial of service (DoS) condition on the targeted system.

Solution

Apply appropriate security updates as mentioned in NVIDIA advisory:

https://www.nvidia.com/en-us/security/

References

NVIDIA

https://nvidia.custhelp.com/app/answers/detail/a_id/5811

https://nvidia.custhelp.com/app/answers/detail/a_id/5816

CVE Name

CVE-2026-24146

CVE-2026-24147

CVE-2026-24156

CVE-2026-24173

CVE-2026-24174

CVE-2026-24175

– —

Thanks and Regards,

CERT-In

Incident Response Help Desk

e-mail: incident@cert-in.org.in

Phone: +91-11-22902657

Toll Free Number: 1800-11-4949

Toll Free Fax : 1800-11-6969

Web: http://www.cert-in.org.in

PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4

PGP Key information:

https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS

Postal address:

Indian Computer Emergency Response Team (CERT-In)

Ministry of Electronics and Information Technology

Government of India

Electronics Niketan

6, C.G.O. Complex

New Delhi-110 003

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCAAdFiEE6r4Iam/Ey0c/KakL3jCgcSdcys8FAmnfqRUACgkQ3jCgcSdc

ys+YYQ//bnbvERaTEMDrgcKivnPwcqzAQAHrCA/ORjvYmdWgyc2znbVcmhJuThDw

Gf3NhkV5DYiRqiNFQWmxgyUSEKNPG1Lrhx7DupxlZZomHcm4KKDRZHnCccpmmR0o

NaiyCu2xIk7/QzEqKzQYxvauSzaqu5xjpXXL9zLl9yoRKFRRY+2GNVjoJDYjRbjd

Hvnb7BrGOWD6+ESSKQcKn9vf6qOoAgXb+XEouBX+HTVFOMOFvmY8rwcsG9YhBm/e

7bGMwOJPY743FnYV5CUddPe1H2BiCzC6WRFDsc+a7jneh2KqvnU9v1gustjLitm0

KrjECQN5VuyMKZehwW8e5TiAphYIS7OlBLegkQnlHAjrk0BWS5EXADG7IbT3Aehr

XkSlT9EvIMC4E0jkKhYK6Xwj/7Jv/kYPrVYQj+gKDTK4HwNs97lkAstoIyHVWfl8

om1syXav110mA2U1X1oSGgJ65+uUrcqfSvJK5mXGr7fu4+27l+1nHi8rylrTVOyk

UNZWxK7QLstA99Ie6mqJyruJJKmwpUsZ+wn2TTgFkfRAFOeQ4LdekXj0G7CzUrug

d7D+cuFgVewgYVIp0bwCRNE5rp69WpVWA4i/58GhOzUc3bfKSOVaVS28b+jppoii

fSNB4m6AVpAuXWyEAHjAoOkGlugJUEu2PsfYbRqTddtdVYzYWx0=

=n6uZ

—–END PGP SIGNATURE—–