Fedora: Security Advisory (FEDORA-2024-cd6112750e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Incomplete Patch in NVIDIA Toolkit Leaves CVE-2024-0132 Open to Container Escapes

Cybersecurity researchers have detailed a case of an incomplete patch for a previously addressed security flaw impacting the NVIDIA Container Toolkit that, if successfully exploited, could put sensitive data at risk. The original vulnerability CVE-2024-0132 CVSS score: 9.0 is a Time-of-Check...

Important: nvidia-container-toolkit

Issue Overview: NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use TOCTOU vulnerability when used with default configuration where a specifically crafted container image may gain access to the host file system. This does not impact use cases where CDI is used. A...

How Wiz found a Critical NVIDIA AI vulnerability:  Deep Dive into a container escape (CVE-2024-0132)

Technical details on a critical severity vulnerability CVE-2024-0132 in NVIDIA Container Toolkit and GPU Operator, affecting cloud service providers...

Azure Linux 3.0 Security Update: nvidia-container-toolkit (CVE-2024-0132-M)

The version of nvidia-container-toolkit installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-0132-M advisory. - NIST NVD Details CVE-2024-0132 Note that Nessus has not tested for this issue but has...

Azure Linux 3.0 Security Update: nvidia-container-toolkit (CVE-2024-0132)

The version of nvidia-container-toolkit installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-0132 advisory. - NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use TOCTOU...

Fedora 41 : golang-github-nvidia-container-toolkit (2024-cd6112750e)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-cd6112750e advisory. Update to 1.16.2 Fixes CVE-2024-0132 or GHSA-mjjw-553x-87pq, and CVE-2024-0133 or GHSA-f748-7hpg-88ch Tenable has extracted the preceding descriptio...

Fedora: Security Advisory (FEDORA-2024-8c218846ee)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 40 : golang-github-nvidia-container-toolkit (2024-8c218846ee)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-8c218846ee advisory. Update to 1.16.2 Fixes CVE-2024-0132 or GHSA-mjjw-553x-87pq, and CVE-2024-0133 or GHSA-f748-7hpg-88ch Tenable has extracted the preceding descriptio...

openSUSE Security Advisory (SUSE-SU-2024:3950-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

govulncheck-vulndb-0.0.20241104T154416-1.1 on GA media (moderate)

govulncheck-vulndb-0.0.20241104T154416-1.1 on GA media Announcement ID: openSUSE-SU-2024:14458-1 Rating: moderate Cross-References: CVE-2024-0132 CVE-2024-0133 CVE-2024-10005 CVE-2024-10006 CVE-2024-10086 CVE-2024-10452 CVE-2024-46872 CVE-2024-47401 CVE-2024-50052 CVSS scores: CVE-2024-0132 SUSE ...

CBL Mariner 2.0 Security Update: nvidia-container-toolkit (CVE-2024-0132-M)

The version of nvidia-container-toolkit installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-0132-M advisory. - NIST NVD Details CVE-2024-0132 Note that Nessus has not tested for this issue but has...

CBL Mariner 2.0 Security Update: nvidia-container-toolkit (CVE-2024-0132)

The version of nvidia-container-toolkit installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-0132 advisory. - NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use TOCTOU...

CVE-2024-0132 affecting package nvidia-container-toolkit for versions less than 1.16.2-1

CVE-2024-0132 affecting package nvidia-container-toolkit for versions less than 1.16.2-1. An upgraded version of the package is available that resolves this issue...

CVE-2024-0132 affecting package nvidia-container-toolkit for versions less than 1.16.2-1

CVE-2024-0132 affecting package nvidia-container-toolkit for versions less than 1.16.2-1. An upgraded version of the package is available that resolves this issue...

NVIDIA: CVE-2024-0132 Container Toolkit 1.16.1 and Earlier Time-of-check Time-of Use Vulnerability

...

NVIDIA Container Toolkit < 1.16.2 Multiple Vulnerabilities

The version of NVIDIA Container Toolkit installed on the remote host is prior to 1.16.2. It is, therefore, affected by multiple vulnerabilities as referenced in the September 2024 Security Bulletin. - NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use TOCTOU...

Critical NVIDIA Container Toolkit Vulnerability Could Grant Full Host Access to Attackers

A critical security flaw has been disclosed in the NVIDIA Container Toolkit that, if successfully exploited, could allow threat actors to break out of the confines of a container and gain full access to the underlying host. The vulnerability, tracked as CVE-2024-0132, carries a CVSS score of 9.0...

CVE-2024-0132

creationtimestamp| type| source ---|---|--- 2024-09-26 08:46:30+00:00| seen| https://t.me/cvedetector/6385 2024-09-27 09:03:26+00:00| seen| https://t.me/KomunitiSiber/2638 2024-09-27 11:57:43+00:00| seen| Telegram/RuAQlUKocXlT4ofSDLT3CByJGT5eproP32lBf1VKLLCew 2024-09-27 11:57:44+00:00| seen|...

CVE-2024-0132 vulnerabilities

Vulnerabilities for packages: nvidia-container-toolkit, nvidia-gpu-operator-validator...