Threat Advisory

NVIDIA vGPU Vulnerability Triggers Hypervisor Escape

Threat: Vulnerability
Targeted Region: Global
Targeted Sector: Technology & IT
Criticality: High
EXECUTIVE SUMMARY:

Multiple security vulnerabilities have been identified in NVIDIA TensorRT-LLM (versions prior to v1.2.1) and the associated Isaac Launchable framework for Linux. The flaws span remote code execution, denial‑of‑service, race conditions, null‑pointer dereferences, and information‑exposure weaknesses. Exploitation could allow an attacker to execute arbitrary code on AI inference servers, tamper with model data, disrupt critical workloads, or intercept sensitive configuration information. For enterprises that rely on these AI components for production workloads, the risk includes service outages, loss of intellectual property, and potential regulatory fallout due to compromised data confidentiality.

  • CVE-2025-33255 – A deserialization bug in the MPI server component enables an unauthenticated remote attacker to trigger unsafe deserialization, potentially achieving remote code execution, data tampering, or information disclosure; exploitation requires network access to the MPI service.
  • CVE-2026-24163 – A similar deserialization flaw in the remote procedure call testing environment allows remote attackers to execute arbitrary code on affected hosts; the vulnerability is exploitable over the network without authentication.
  • CVE-2026-24205 – A race condition arising from concurrent database requests can lead to denial‑of‑service conditions; an attacker must be able to issue overlapping database operations, typically requiring local or privileged access.
  • CVE-2026-24160 – An unchecked return‑code sequence may cause a null pointer dereference, resulting in a crash or DoS; exploitation is possible when a crafted response is processed by the vulnerable component.
  • CVE-2026-24212 (CVSS score 7.5) – An information‑exposure bug in the Isaac Launchable framework transmits sensitive data in clear text, allowing a network eavesdropper to capture credentials and potentially achieve privilege escalation or system disruption.

The combined vulnerabilities expose AI inference platforms to remote takeover, data loss, and service interruption, demanding immediate attention. If left unaddressed, organizations risk downtime of critical AI services, theft of proprietary models, and potential compliance penalties. Executives should treat these findings as high priority to safeguard operational continuity and protect sensitive information.

RECOMMENDATION:

  • We recommend that you update NVIDIA TensorRT-LLM to version v1.2.1.
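
To find hosts that still need the update, the following added example (not part of the original advisory and not NVIDIA code) audits a collected `pip freeze` inventory against the v1.2.1 threshold. It assumes the pip distribution name `tensorrt_llm`; the host names, the inventory format and the treatment of pre-release builds as unpatched are assumptions made for the example.

```python
import re

FIXED = (1, 2, 1)        # first fixed release named in the advisory (v1.2.1)
PKG = "tensorrt-llm"     # normalized distribution name (assumed: tensorrt_llm)

# Constructed sample inventory: "<host> <pip freeze line>". Hosts are made up.
SAMPLE_INVENTORY = """\
infer-01 tensorrt_llm==1.2.1
infer-02 tensorrt-llm==1.2.0
infer-03 TensorRT_LLM==1.2.1rc2
infer-04 tensorrt_llm==0.21.0.post1
infer-06 numpy==1.26.4
infer-07 tensorrt_llm @ file:///wheels/custom.whl
"""

def normalize(name):
    """PEP 503 normalization so tensorrt_llm, tensorrt-llm and case variants match."""
    return re.sub(r"[-_.]+", "-", name).lower()

def status(version):
    """Classify a version string as 'fixed', 'vulnerable' or 'unknown'."""
    m = re.match(r"v?(\d+)\.(\d+)(?:\.(\d+))?(.*)$", version.strip())
    if not m:
        return "unknown"
    release = tuple(int(x or 0) for x in m.group(1, 2, 3))
    suffix = m.group(4).lower()
    if release != FIXED:
        return "fixed" if release > FIXED else "vulnerable"
    if suffix == "" or suffix.startswith(".post"):
        return "fixed"
    # rc/alpha/beta/dev builds of 1.2.1 sort before the final release (PEP 440);
    # counting them as unpatched is a conservative assumption.
    if re.match(r"[.\-_]?(rc|a|b|dev)", suffix):
        return "vulnerable"
    return "unknown"      # e.g. local builds ("+..."): review by hand

def audit(inventory):
    """Return {host: status} for every host reporting a TensorRT-LLM install."""
    results = {}
    for line in inventory.splitlines():
        parts = line.split(None, 1)
        if len(parts) != 2:
            continue
        host, req = parts
        name = re.split(r"[=@ <>!~]", req, maxsplit=1)[0]
        if normalize(name) != PKG:
            continue
        pinned = re.search(r"==\s*(\S+)", req)   # unpinned/URL installs -> unknown
        results[host] = status(pinned.group(1)) if pinned else "unknown"
    return results
```

Hosts reported as `unknown` (wheel or source installs without a pinned version) need a manual version check.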

REFERENCES:

The following reports contain further technical details:
https://securityonline.info/nvidia-tensorrt-llm-vulnerabilities-patches/
