Description
NVIDIA has released a software security update for NVIDIA NeMo framework to address the issues that are disclosed in this bulletin. To protect your system, remove any pre-existing clone of the NVIDIA NeMo repository and instead clone the repository from the r1.23.0 branch or later (main branch).
| CVE ID |
Description |
Vector |
Base Score |
Severity |
CWE |
Impacts |
| CVE-2024-0081 |
NVIDIA NeMo framework for Ubuntu contains a vulnerability in tools/asr_webapp where an attacker may cause an allocation of resources without limits or throttling. A successful exploit of this vulnerability may lead to a server-side denial of service. |
AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H |
8.6 |
High |
CWE-770 |
Denial of Service |
Acknowledgements
NVIDIA thanks the below finder reporting this issue
CVE-2024-0081: sim4n6
Revision History
| Revision |
Date |
Description |
| 1.0 |
March 27, 2024 |
Initial release |
Description
NVIDIA has released a software security update for NVIDIA NeMo framework to address the issues that are disclosed in this bulletin. To protect your system, remove any pre-existing clone of the NVIDIA NeMo repository and instead clone the repository from the
r1.23.0branch or later (main branch).Acknowledgements
NVIDIA thanks the below finder reporting this issue
CVE-2024-0081: sim4n6
Revision History