NVIDIA Container Toolkit Vulnerability Allows for File System Access
CVE-2024-0132
Key Information:
- Vendor
- Nvidia
- Vendor
- CVE Published:
- 26 September 2024
Badges
What is CVE-2024-0132?
CVE-2024-0132 is a vulnerability identified in the NVIDIA Container Toolkit, specifically in versions 1.16.1 and earlier. This toolkit is designed to facilitate the management and deployment of GPU-accelerated applications in containerized environments. The vulnerability stems from a Time-of-check Time-of-use (TOCTOU) flaw that can occur when the toolkit is configured with default settings. If exploited, this vulnerability could grant malicious actors unauthorized access to the host file system, leading to several adverse outcomes for organizations relying on this technology.
Technical Details
CVE-2024-0132 allows a specifically crafted container image to potentially alter its behavior while checking access permissions, resulting in unauthorized access to the host file system. This exploit hinges on the timing of file checks and their subsequent usage, thus enabling attackers to manipulate how the container interacts with the host. This issue specifically affects setups that do not implement Container Device Interface (CDI).
Potential Impact of CVE-2024-0132
-
Code Execution: Successful exploitation of this vulnerability could enable attackers to execute arbitrary code on the host system, potentially leading to full system compromise.
-
Escalation of Privileges: Attackers may gain elevated privileges, allowing them to perform actions that would typically require higher access levels, thus increasing the scope of their malicious activities.
-
Data Tampering and Information Disclosure: The vulnerability can lead to unauthorized access to sensitive data, risking data integrity and confidentiality, which may have serious implications for data governance and compliance within organizations.
Affected Version(s)
Container Toolkit Linux All versions up to and including v1.16.1
GPU Operator Linux All versions up to and including 24.6.1
Get notified when SecurityVulnerability.io launches alerting ๐
Well keep you posted ๐ง
News Articles
Patch Now: NVDIA Flaws Expose AI Models, Critical Infrastructure
A fix for a critical flaw in a tool allowing organizations to run GPU-accelerated containers released last year did not fully mitigate the issue, spurring the need to patch a secondary flaw to protect organizations that rely on its processors for AI workloads.
1 week ago

Incomplete Patch in NVIDIA Toolkit Leaves CVE-2024-0132 Open to Container Escapes
Incomplete fix for CVE-2024-0132 in NVIDIA Toolkit leaves Linux Docker hosts vulnerable to container escapes and DoS attacks.
2 weeks ago
Incomplete NVIDIA Patch to CVE-2024-0132 Exposes AI Infrastructure and Data to Critical Risks
A previously disclosed vulnerability in NVIDIA Container Toolkit has an incomplete patch, which, if exploited, could put a wide range of AI infrastructure and sensitive data at risk.
2 weeks ago
References
CVSS V3.1
Timeline
- ๐พ
Exploit known to exist
- ๐ฐ
First article discovered by wiz.io
Vulnerability published
Vulnerability Reserved