Time-of-Check Time-of-Use Vulnerability in NVIDIA Container Toolkit for Linux
CVE-2025-23359

8.3HIGH

Key Information:

Vendor
Nvidia
Status
Container Toolkit
Gpu Operator
Vendor
CVE Published:
12 February 2025

Badges

📈 Score: 919👾 Exploit Exists📰 News Worthy

What is CVE-2025-23359?

CVE-2025-23359 is a vulnerability found in the NVIDIA Container Toolkit for Linux, a tool designed to simplify the deployment of GPU-accelerated containers. This vulnerability stems from a Time-of-Check Time-of-Use (TOCTOU) flaw when the toolkit is used with its default settings. If an attacker creates a malicious container image, they could exploit this vulnerability to gain unauthorized access to the host file system. Such access can lead to severe consequences for organizations, including unauthorized execution of code, system outages, and potential breaches of sensitive information.

Technical Details

The CVE-2025-23359 vulnerability is characterized by a TOCTOU vulnerability that occurs when an application's security check fails to account for changes that may occur after the check has been completed but before a resource is actually used. In this context, a crafted container image can manipulate this timing window to execute unintended commands or access restricted areas of the file system. The default configuration of the NVIDIA Container Toolkit may inadvertently facilitate such exploitative maneuvers, thus compromising system integrity and security.

Potential Impact of CVE-2025-23359

  1. Code Execution: The vulnerability gives attackers the potential to execute arbitrary code on the host system, which can lead to total compromise of the system and its resources.

  2. Denial of Service: By leveraging this vulnerability, malicious actors can render services unavailable, causing disruptions to business operations and potential financial loss.

  3. Information Disclosure and Data Tampering: Attackers could gain access to sensitive data stored on the host system, leading to unauthorized disclosure or alteration of critical information, undermining data integrity and confidentiality.

Affected Version(s)

Container Toolkit Linux All versions up to and including 1.17.3

GPU Operator Linux All versions up to and including 24.9.1

News Articles

Patch Now: NVDIA Flaws Expose AI Models, Critical Infrastructure

A fix for a critical flaw in a tool allowing organizations to run GPU-accelerated containers released last year did not fully mitigate the issue, spurring the need to patch a secondary flaw to protect organizations that rely on its processors for AI workloads.

1 week ago

favicon imageTechNadu

NVIDIA Container Toolkit Flaw Allows Full System Access - TechNadu

Attackers could bypass a patched NVIDIA Container Toolkit flaw CVE-2025-23359 via breaking out of a container's isolation protections.

favicon imageSystemTek

NVIDIA Container Toolkit For Linux Time-of-Check Time-of-Use Vulnerability (CVE-2025-23359)

CVE-2025-23359 - NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use (TOCTOU) vulnerability when used with default configuration, where a crafted container image could gain access to the host file system.

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5616

CVSS V3.1

Score:
8.3
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • 👾

    Exploit known to exist

  • 📰

    First article discovered by The Hacker News

  • Vulnerability published

  • Vulnerability Reserved

.