Time-of-Check Time-of-Use Vulnerability in NVIDIA Container Toolkit for Linux
CVE-2025-23359

8.3 HIGH

Key Information:

Vendor
Nvidia
CVE Published:
12 February 2025

Summary

The NVIDIA Container Toolkit for Linux is susceptible to a Time-of-Check Time-of-Use (TOCTOU) vulnerability, especially when operated under its default configuration. The flaw could allow a maliciously crafted container image to access the host file system. Successful exploitation could result in unauthorized code execution, denial of service, elevated user privileges, and exposure or manipulation of sensitive data.

Affected Version(s)

Container Toolkit (Linux): all versions up to and including 1.17.3

GPU Operator (Linux): all versions up to and including 24.9.1

CVSS V3.1

Score:
8.3
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
Required
Scope:
Changed
