Nvidia News Articles

Patch Now: NVDIA Flaws Expose AI Models, Critical Infrastructure

A fix for a critical flaw in a tool allowing organizations to run GPU-accelerated containers released last year did not fully mitigate the issue, spurring the need to patch a secondary flaw to protect organizations that rely on its processors for AI workloads.

1 week ago

Incomplete Patch in NVIDIA Toolkit Leaves CVE-2024-0132 Open to Container Escapes

Incomplete fix for CVE-2024-0132 in NVIDIA Toolkit leaves Linux Docker hosts vulnerable to container escapes and DoS attacks.

2 weeks ago

Incomplete NVIDIA Patch to CVE-2024-0132 Exposes AI Infrastructure and Data to Critical Risks

A previously disclosed vulnerability in NVIDIA Container Toolkit has an incomplete patch, which, if exploited, could put a wide range of AI infrastructure and sensitive data at risk.

2 weeks ago

Incomplete NVIDIA Patch to CVE-2024-0132 Exposes AI Infrastructure and Data to Critical Risks

A previously disclosed vulnerability in NVIDIA Container Toolkit has an incomplete patch, which, if exploited, could put a wide range of AI infrastructure and sensitive data at risk.

2 weeks ago

NVIDIA Support

Details This section provides a summary of potential vulnerabilities that this security update addresses and their impact. Descriptions use CWE™, and base scores and vectors use CVSS v3.1...

Hackers Exploit Palo Alto Firewall Vulnerability Day After Disclosure

Attempts to exploit CVE-2024-0108, an authentication bypass vulnerability in Palo Alto firewalls, started one day after disclosure. 

NVIDIA Container Toolkit Flaw Allows Full System Access - TechNadu

Attackers could bypass a patched NVIDIA Container Toolkit flaw CVE-2025-23359 via breaking out of a container's isolation protections.

Researcher Discovers Critical NVIDIA Container Vulnerability

Security researchers at Wiz have uncovered a critical vulnerability (CVE-2024-0132) in NVIDIA's Container Toolkit that could allow attackers to escape container isolation and gain full access to host...

NVIDIA Container Toolkit For Linux Time-of-Check Time-of-Use Vulnerability (CVE-2025-23359)

CVE-2025-23359 - NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use (TOCTOU) vulnerability when used with default configuration, where a crafted container image could gain access to the host file system.

Researchers Find New Exploit Bypassing Patched NVIDIA Container Toolkit Vulnerability

CVE-2025-23359 (CVSS 8.3) lets attackers bypass NVIDIA’s container security, gaining host access via a TOCTOU flaw. Fix available in v1.17.4.

NVIDIA AI vulnerability:  Deep Dive into CVE 2024-0132 | Wiz Blog

Critical severity vulnerability (CVE-2024-0132) affecting Container Toolkit and GPU Operator may present risk to cloud service providers

Nvidia fixed CVE-2024-0130 in UFM Enterprise

NVIDIA has patched a high-severity vulnerability affecting its UFM Enterprise, UFM Appliance, and UFM CyberAI products. could allow an attacker to gain escalated privileges, tamper with data, deny service, and disclose sensitive information. The vulnerability, identified as CVE-2024-0130 with a CVSS...

NVIDIA affected by a Critical vulnerability CVE-2024-0138

NVIDIA has released a patch addressing a critical vulnerability in its Base Command Manager software, that could pose significant risks, including the potential for remote code execution, denial of service, privilege escalation, information disclosure, and data tampering. This flaw, tracked as CVE-2...

October Patch Tuesday: MSFT patches 2 exploited zero days

Microsoft has patched a brace of zero days that are under active attack as part of October Patch Tuesday 2024.

Critical NVIDIA Container Toolkit flaw could allow access to the underlying host

A critical vulnerability in the NVIDIA Container Toolkit could allow a container to escape and gain full access to the underlying host.

NVIDIA AI Container Toolkit Vulnerability Fix

On Wednesday, NVIDIA released updates to fix a critical vulnerability in its NVIDIA Container Toolkit, which, if exploited, could put a wide range of AI infrastructure and underlying data/secrets at risk....

Critical Nvidia bug allows container escape, host takeover

A critical bug in Nvidia's widely used Container Toolkit could allow a rogue user or software to escape their containers and ultimately take complete control of the underlying host. The flaw, tracked as...

Wiz Research Finds Critical NVIDIA AI Vulnerability Affecting Containers Using NVIDIA GPUs, Including Over 35% of Cloud Environments | Wiz Blog

Critical severity vulnerability CVE-2024-0132 affecting NVIDIA Container Toolkit and GPU Operator presents high risk to AI workloads and environments.

NVIDIA ChatRTX for Windows Vulnerability Lets Attackers Escalate Privileges

NVIDIA, a leading technology company, has recently released a security update regarding its Windows ChatRTX application.