Improper Isolation in NVIDIA Container Toolkit Exposes Host Binary to Risks
CVE-2024-0135

7.6HIGH

Key Information:

Vendor: Nvidia
Status: Nvidia Container Toolkit; Nvidia Gpu Operator
Vendor: CVE Published:; 28 January 2025

Summary

The NVIDIA Container Toolkit exhibits an improper isolation vulnerability that can be exploited through specially crafted container images. This weakness may allow attackers to modify host binaries, potentially leading to a range of security risks including unauthorized code execution, denial of service, privilege escalation, information disclosure, and data tampering. Organizations leveraging the toolkit are urged to apply the latest updates to mitigate these threats.

Affected Version(s)

NVIDIA Container Toolkit Linux All versions up to and including v1.17.0

NVIDIA GPU Operator Linux All versions up to and including 24.9.0

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5599

CVSS V3.1

Score:

7.6

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

High

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Jan 28, 2025
Vulnerability Reserved
Dec 2, 2023