Improper Isolation Vulnerability in NVIDIA Container Toolkit
CVE-2024-0137

5.5 MEDIUM

Key Information:

Vendor: Nvidia
CVE Published: 28 January 2025

Summary

The NVIDIA Container Toolkit has an improper isolation vulnerability due to misconfigured container settings. A specially crafted container image could allow untrusted code to execute within the host's network namespace. This vulnerability is particularly concerning when the toolkit is set up in non-standard configurations. Exploitation may result in denial of service and unauthorized escalation of privileges, weakening the security posture of systems that use the toolkit.

Affected Version(s)

NVIDIA Container Toolkit (Linux): All versions up to and including v1.17.0

NVIDIA GPU Operator (Linux): All versions up to and including 24.9.0

CVSS V3.1

Score: 5.5
Severity: MEDIUM
Confidentiality: Low
Integrity: Low
Availability: Low
Attack Vector: Network
Attack Complexity: High
Privileges Required: Low
User Interaction: Required
Scope: Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved
