CVE-2024-0144

NVIDIA nvJPEG2000 library contains a vulnerability where an attacker can cause a buffer overflow issue by means of a specially crafted JPEG2000 file. A successful exploit of this vulnerability might lead to data tampering.

CVSS v3 6.8 MEDIUM

6.8^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.6 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://nvidia.custhelp.com/app/answers/detail/a_id/5596
https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-2108
https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-2113

Configurations

No configuration.

History

15 Apr 2026, 00:35

Type	Values Removed	Values Added
Summary		(es) NVIDIA nvJPEG2000 librería contiene una vulnerabilidad que permite a un atacante provocar un problema de desbordamiento de búfer mediante un archivo JPEG2000 manipulado especialmente manipulado. Una explotación exitosa de esta vulnerabilidad podría provocar la manipulación de datos.

12 Feb 2025, 18:15

Type	Values Removed	Values Added
References		() https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-2108 -

12 Feb 2025, 02:15

Type	Values Removed	Values Added
References		() https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-2113 -

12 Feb 2025, 01:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-02-12 01:15

Updated : 2026-06-17 06:52

NVD link : CVE-2024-0144

Mitre link : CVE-2024-0144

CVE.ORG link : CVE-2024-0144

JSON object : View

Products Affected

No product.

CWE

CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

{"id": "CVE-2024-0144", "cveTags": [], "metrics": {"ssvcV203": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "ssvcData": {"id": "CVE-2024-0144", "role": "CISA Coordinator", "options": [{"exploitation": "none"}, {"automatable": "no"}, {"technicalImpact": "total"}], "version": "2.0.3", "timestamp": "2025-04-05T03:55:34.833666Z"}}], "cvssMetricV31": [{"type": "Secondary", "source": "psirt@nvidia.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 5.2, "exploitabilityScore": 1.6}]}, "affected": [{"source": "psirt@nvidia.com", "affectedData": [{"vendor": "NVIDIA", "product": "nvJPEG2000", "versions": [{"status": "affected", "version": "0.8.0"}], "platforms": ["Linux x86_64", "Linux sbsa", "Jetson", "Windows"], "defaultStatus": "unaffected"}]}], "published": "2025-02-12T01:15:08.483", "references": [{"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5596", "source": "psirt@nvidia.com"}, {"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-2108", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-2113", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Secondary", "source": "psirt@nvidia.com", "description": [{"lang": "en", "value": "CWE-120"}]}], "descriptions": [{"lang": "en", "value": "NVIDIA nvJPEG2000 library contains a vulnerability where an attacker can cause a buffer overflow issue by means of a specially crafted JPEG2000 file. A successful exploit of this vulnerability might lead to data tampering."}, {"lang": "es", "value": "NVIDIA nvJPEG2000 librer\u00eda contiene una vulnerabilidad que permite a un atacante provocar un problema de desbordamiento de b\u00fafer mediante un archivo JPEG2000 manipulado especialmente manipulado. Una explotaci\u00f3n exitosa de esta vulnerabilidad podr\u00eda provocar la manipulaci\u00f3n de datos."}], "lastModified": "2026-06-17T06:52:51.970", "sourceIdentifier": "psirt@nvidia.com"}