NVIDIA Container Toolkit Vulnerability Allows for File System Access
CVE-2024-0132

8.3HIGH

Key Information:

Vendor
Nvidia
Status
Container Toolkit
Gpu Operator
Vendor
CVE Published:
26 September 2024

Badges

๐Ÿ“ˆ Score: 901๐Ÿ‘พ Exploit Exists๐Ÿ“ฐ News Worthy

What is CVE-2024-0132?

CVE-2024-0132 is a vulnerability identified in the NVIDIA Container Toolkit, specifically in versions 1.16.1 and earlier. This toolkit is designed to facilitate the management and deployment of GPU-accelerated applications in containerized environments. The vulnerability stems from a Time-of-check Time-of-use (TOCTOU) flaw that can occur when the toolkit is configured with default settings. If exploited, this vulnerability could grant malicious actors unauthorized access to the host file system, leading to several adverse outcomes for organizations relying on this technology.

Technical Details

CVE-2024-0132 allows a specifically crafted container image to potentially alter its behavior while checking access permissions, resulting in unauthorized access to the host file system. This exploit hinges on the timing of file checks and their subsequent usage, thus enabling attackers to manipulate how the container interacts with the host. This issue specifically affects setups that do not implement Container Device Interface (CDI).

Potential Impact of CVE-2024-0132

  1. Code Execution: Successful exploitation of this vulnerability could enable attackers to execute arbitrary code on the host system, potentially leading to full system compromise.

  2. Escalation of Privileges: Attackers may gain elevated privileges, allowing them to perform actions that would typically require higher access levels, thus increasing the scope of their malicious activities.

  3. Data Tampering and Information Disclosure: The vulnerability can lead to unauthorized access to sensitive data, risking data integrity and confidentiality, which may have serious implications for data governance and compliance within organizations.

Affected Version(s)

Container Toolkit Linux All versions up to and including v1.16.1

GPU Operator Linux All versions up to and including 24.6.1

News Articles

Patch Now: NVDIA Flaws Expose AI Models, Critical Infrastructure

A fix for a critical flaw in a tool allowing organizations to run GPU-accelerated containers released last year did not fully mitigate the issue, spurring the need to patch a secondary flaw to protect organizations that rely on its processors for AI workloads.

1 week ago

favicon imageThe Hacker News

Incomplete Patch in NVIDIA Toolkit Leaves CVE-2024-0132 Open to Container Escapes

Incomplete fix for CVE-2024-0132 in NVIDIA Toolkit leaves Linux Docker hosts vulnerable to container escapes and DoS attacks.

2 weeks ago

favicon imageTrend Micro

Incomplete NVIDIA Patch to CVE-2024-0132 Exposes AI Infrastructure and Data to Critical Risks

A previously disclosed vulnerability in NVIDIA Container Toolkit has an incomplete patch, which, if exploited, could put a wide range of AI infrastructure and sensitive data at risk.

2 weeks ago

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5582

CVSS V3.1

Score:
8.3
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • ๐Ÿ‘พ

    Exploit known to exist

  • ๐Ÿ“ฐ

    First article discovered by wiz.io

  • Vulnerability published

  • Vulnerability Reserved

.