201 matches found
Researchers Find New Exploit Bypassing Patched NVIDIA Container Toolkit Vulnerability
Cybersecurity researchers have discovered a bypass for a now-patched security vulnerability in the NVIDIA Container Toolkit that could be exploited to break out of a container's isolation protections and gain complete access to the underlying host. The new vulnerability is being tracked as...
CVE-2025-23359
A flaw was found in the NVIDIA Container Toolkit for Linux. This vulnerability allows a crafted container image to gain access to the host file system via a Time-of-Check Time-of-Use TOCTOU flaw in the default configuration, potentially leading to code execution, denial of service, escalation of...
AZL-56857 CVE-2025-23359 affecting package nvidia-container-toolkit for versions less than 1.17.4-1
NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use TOCTOU vulnerability when used with default configuration, where a crafted container image could gain access to the host file system. A successful exploit of this vulnerability might lead to code execution, denial of service,...
CVE-2025-23359
NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use TOCTOU vulnerability when used with default configuration, where a crafted container image could gain access to the host file system. A successful exploit of this vulnerability might lead to code execution, denial of service,...
AZL-56852 CVE-2025-23359 affecting package nvidia-container-toolkit for versions less than 1.17.4-1
NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use TOCTOU vulnerability when used with default configuration, where a crafted container image could gain access to the host file system. A successful exploit of this vulnerability might lead to code execution, denial of service,...
CVE-2025-23359
NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use TOCTOU vulnerability when used with default configuration, where a crafted container image could gain access to the host file system. A successful exploit of this vulnerability might lead to code execution, denial of service,...
CVE-2025-23359
The CVE-2025-23359 issue affects the NVIDIA container-toolkit for Linux, where a TOCTOU race under default configuration allows a crafted container image to access the host filesystem, potentially enabling code execution, DoS, privilege escalation, information disclosure, or data tampering. Publi...
CVE-2025-23359
NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use TOCTOU vulnerability when used with default configuration, where a crafted container image could gain access to the host file system. A successful exploit of this vulnerability might lead to code execution, denial of service,...
NVIDIA Container Toolkit 安全漏洞
NVIDIA Container Toolkit is a container toolkit from NVIDIA, Inc. Allows users to build and run GPU-accelerated containers. A security vulnerability exists in NVIDIA Container Toolkit versions prior to 24.9.2, which stems from the inclusion of a time-of-check time-of-use TOCTOU vulnerability when...
Security Bulletin: NVIDIA Container Toolkit - 11 February 2025
NVIDIA has released a software update for NVIDIA® Container Toolkit and NVIDIA GPU Operator. To protect your system, install the software update as described in the installation section of the NVIDIA Container Toolkit documentation and the NVIDIA GPU Operator documentation. Go to NVIDIA Product...
PT-2025-6424
Name of the Vulnerable Software and Affected Versions NVIDIA Container Toolkit versions up to and including 1.17.3 NVIDIA GPU Operator versions up to and including 24.9.1 Description NVIDIA Container Toolkit and NVIDIA GPU Operator are affected by a Time-of-Check Time-of-Use TOCTOU vulnerability...
Azure Linux 3.0 Security Update: nvidia-container-toolkit (CVE-2024-0133)
The version of nvidia-container-toolkit installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-0133 advisory. - NVIDIA Container Toolkit 1.16.1 or earlier contains a vulnerability in the default mode of...
Azure Linux 3.0 Security Update: nvidia-container-toolkit (CVE-2024-0132-M)
The version of nvidia-container-toolkit installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-0132-M advisory. - NIST NVD Details CVE-2024-0132 Note that Nessus has not tested for this issue but has...
Azure Linux 3.0 Security Update: nvidia-container-toolkit (CVE-2024-0132)
The version of nvidia-container-toolkit installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-0132 advisory. - NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use TOCTOU...
Azure Linux 3.0 Security Update: nvidia-container-toolkit (CVE-2024-0134)
The version of nvidia-container-toolkit installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-0134 advisory. - NVIDIA Container Toolkit and NVIDIA GPU Operator for Linux contain a UNIX vulnerability whe...
Fedora 40 : golang-github-nvidia-container-toolkit (2025-76012a9a99)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-76012a9a99 advisory. Update to 1.17.3 Fixes CVE-2024-0134 or GHSA-7jm9-xpwx-v999 Fixes CVE-2024-0135 or GHSA-9v84-cc9j-pxr6, CVE-2024-0136 or GHSA-vcfp-63cx-4h59, and...
[SECURITY] Fedora 41 Update: golang-github-nvidia-container-toolkit-1.17.3-1.fc41
The NVIDIA Container Toolkit allows users to build and run NVIDIA GPU accelerated containers. The toolkit includes a container runtime library and utilities to automatically configure containers to leverage NVIDIA GPUs...
SUSE CVE-2024-0135
NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to modification of a host binary. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure,...
SUSE CVE-2024-0136
NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to untrusted code obtaining read and write access to host devices. This vulnerability is present only when the NVIDIA Container Toolkit is configured in a nondefault way. A...
SUSE CVE-2024-0137
NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to untrusted code running in the host's network namespace. This vulnerability is present only when the NVIDIA Container Toolkit is configured in a nondefault way. A successfu...