AI Tools: Nvidia equips DALI and Triton Inference Server against attacks
Multiple security vulnerabilities in Nvidia DALI and Triton Inference Server endanger systems. Security patches are available for download.
(Image: AFANASEV IVAN / Shutterstock.com)
Following successful attacks, attackers can crash Nvidia Triton Inference Server. Malicious code can reach systems with DALI. Even though there are currently no indications of attacks, admins should install the repaired versions promptly.
AI Tools as Attack Vector
Triton Inference Server helps in setting up various AI models. DALI processes images and videos in the deep learning context, among other things. It is currently unclear which parameters admins can use to identify already attacked computers.
As a warning message indicates, Triton Inference Server is vulnerable through a total of five security flaws. Four vulnerabilities are classified with the threat level "high". Due to insufficient checks, attackers can trigger DoS states and thus crashes with specific requests (e.g., CVE-2026-24146). Information can also leak (CVE-2026-24147 "medium").
According to the developers, however, version r26.02 is equipped to handle this. All previous releases are vulnerable. This affects all platforms on which Triton Inference Server runs.
Because DALI processes untrusted data, malicious code can reach systems and compromise them. According to the developers, this security problem has been solved in release 2.0. All previous versions are vulnerable through the described path, the developers warn in a message. How the installation proceeds is described in a support article. The software vulnerabilities affect all platforms.
Videos by heise
Most recently, in February of this year, Nvidia equipped the AI tools Megatron Bridge and NeMO Framework against possible malware attacks.
(des)
