Improper Isolation in NVIDIA Container Toolkit Exposes Host Binary to Risks
CVE-2024-0135

7.6HIGH

Key Information:

Vendor: Nvidia
Status: Nvidia Container Toolkit; Nvidia Gpu Operator
Vendor: CVE Published:; 28 January 2025

What is CVE-2024-0135?

The NVIDIA Container Toolkit exhibits an improper isolation vulnerability that can be exploited through specially crafted container images. This weakness may allow attackers to modify host binaries, potentially leading to a range of security risks including unauthorized code execution, denial of service, privilege escalation, information disclosure, and data tampering. Organizations leveraging the toolkit are urged to apply the latest updates to mitigate these threats.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

NVIDIA Container Toolkit Linux All versions up to and including v1.17.0

NVIDIA GPU Operator Linux All versions up to and including 24.9.0

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5599

CVSS V3.1

Score:

7.6

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

High

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Jan 28, 2025
Vulnerability Reserved
Dec 2, 2023

JSON

Nvidia

What is CVE-2024-0135?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.