Lucene search
+L

201 matches found

The Hacker News
The Hacker News
added 2025/02/12 2:4 p.m.23 views

Researchers Find New Exploit Bypassing Patched NVIDIA Container Toolkit Vulnerability

Cybersecurity researchers have discovered a bypass for a now-patched security vulnerability in the NVIDIA Container Toolkit that could be exploited to break out of a container's isolation protections and gain complete access to the underlying host. The new vulnerability is being tracked as...

9CVSS8.4AI score0.37055EPSS
Exploits3
RedhatCVE
RedhatCVE
added 2025/02/12 8:57 a.m.14 views

CVE-2025-23359

A flaw was found in the NVIDIA Container Toolkit for Linux. This vulnerability allows a crafted container image to gain access to the host file system via a Time-of-Check Time-of-Use TOCTOU flaw in the default configuration, potentially leading to code execution, denial of service, escalation of...

8.3CVSS8.4AI score0.03577EPSS
Exploits1References4
OSV
OSV
added 2025/02/12 1:15 a.m.3 views

AZL-56857 CVE-2025-23359 affecting package nvidia-container-toolkit for versions less than 1.17.4-1

NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use TOCTOU vulnerability when used with default configuration, where a crafted container image could gain access to the host file system. A successful exploit of this vulnerability might lead to code execution, denial of service,...

8.3CVSS7.4AI score0.03577EPSS
Exploits1References1
NVD
NVD
added 2025/02/12 1:15 a.m.16 views

CVE-2025-23359

NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use TOCTOU vulnerability when used with default configuration, where a crafted container image could gain access to the host file system. A successful exploit of this vulnerability might lead to code execution, denial of service,...

8.3CVSS0.03577EPSS
Exploits1References2
OSV
OSV
added 2025/02/12 1:15 a.m.5 views

AZL-56852 CVE-2025-23359 affecting package nvidia-container-toolkit for versions less than 1.17.4-1

NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use TOCTOU vulnerability when used with default configuration, where a crafted container image could gain access to the host file system. A successful exploit of this vulnerability might lead to code execution, denial of service,...

8.3CVSS5.8AI score0.03577EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/02/12 12:52 a.m.14 views

CVE-2025-23359

NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use TOCTOU vulnerability when used with default configuration, where a crafted container image could gain access to the host file system. A successful exploit of this vulnerability might lead to code execution, denial of service,...

8.3CVSS8.5AI score0.03577EPSS
Exploits1References1
CVE
CVE
added 2025/02/12 12:52 a.m.155 views

CVE-2025-23359

The CVE-2025-23359 issue affects the NVIDIA container-toolkit for Linux, where a TOCTOU race under default configuration allows a crafted container image to access the host filesystem, potentially enabling code execution, DoS, privilege escalation, information disclosure, or data tampering. Publi...

8.3CVSS8.5AI score0.03577EPSS
Exploits1References2Affected Software2
Cvelist
Cvelist
added 2025/02/12 12:52 a.m.18 views

CVE-2025-23359

NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use TOCTOU vulnerability when used with default configuration, where a crafted container image could gain access to the host file system. A successful exploit of this vulnerability might lead to code execution, denial of service,...

8.3CVSS0.03577EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/02/12 12:0 a.m.5 views

NVIDIA Container Toolkit 安全漏洞

NVIDIA Container Toolkit is a container toolkit from NVIDIA, Inc. Allows users to build and run GPU-accelerated containers. A security vulnerability exists in NVIDIA Container Toolkit versions prior to 24.9.2, which stems from the inclusion of a time-of-check time-of-use TOCTOU vulnerability when...

8.3CVSS8.9AI score0.03577EPSS
Exploits1References2
Nvidia
Nvidia
added 2025/02/11 12:0 a.m.31 views

Security Bulletin: NVIDIA Container Toolkit - 11 February 2025

NVIDIA has released a software update for NVIDIA® Container Toolkit and NVIDIA GPU Operator. To protect your system, install the software update as described in the installation section of the NVIDIA Container Toolkit documentation and the NVIDIA GPU Operator documentation. Go to NVIDIA Product...

8.3CVSS8.8AI score0.03577EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2025/02/11 12:0 a.m.6 views

PT-2025-6424

Name of the Vulnerable Software and Affected Versions NVIDIA Container Toolkit versions up to and including 1.17.3 NVIDIA GPU Operator versions up to and including 24.9.1 Description NVIDIA Container Toolkit and NVIDIA GPU Operator are affected by a Time-of-Check Time-of-Use TOCTOU vulnerability...

8.3CVSS9.4AI score0.03577EPSS
Exploits1References52
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.16 views

Azure Linux 3.0 Security Update: nvidia-container-toolkit (CVE-2024-0133)

The version of nvidia-container-toolkit installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-0133 advisory. - NVIDIA Container Toolkit 1.16.1 or earlier contains a vulnerability in the default mode of...

4.1CVSS6.1AI score0.00235EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.15 views

Azure Linux 3.0 Security Update: nvidia-container-toolkit (CVE-2024-0132-M)

The version of nvidia-container-toolkit installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-0132-M advisory. - NIST NVD Details CVE-2024-0132 Note that Nessus has not tested for this issue but has...

9CVSS8.6AI score0.37055EPSS
Exploits2References1
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.9 views

Azure Linux 3.0 Security Update: nvidia-container-toolkit (CVE-2024-0132)

The version of nvidia-container-toolkit installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-0132 advisory. - NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use TOCTOU...

9CVSS8.6AI score0.37055EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.10 views

Azure Linux 3.0 Security Update: nvidia-container-toolkit (CVE-2024-0134)

The version of nvidia-container-toolkit installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-0134 advisory. - NVIDIA Container Toolkit and NVIDIA GPU Operator for Linux contain a UNIX vulnerability whe...

4.1CVSS5.3AI score0.00376EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/02/09 12:0 a.m.13 views

Fedora 40 : golang-github-nvidia-container-toolkit (2025-76012a9a99)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-76012a9a99 advisory. Update to 1.17.3 Fixes CVE-2024-0134 or GHSA-7jm9-xpwx-v999 Fixes CVE-2024-0135 or GHSA-9v84-cc9j-pxr6, CVE-2024-0136 or GHSA-vcfp-63cx-4h59, and...

8.4CVSS6.2AI score0.01088EPSS
Exploits0References5
Fedora
Fedora
added 2025/02/08 2:17 a.m.18 views

[SECURITY] Fedora 41 Update: golang-github-nvidia-container-toolkit-1.17.3-1.fc41

The NVIDIA Container Toolkit allows users to build and run NVIDIA GPU accelerated containers. The toolkit includes a container runtime library and utilities to automatically configure containers to leverage NVIDIA GPUs...

8.4CVSS7.2AI score0.01088EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2025/01/29 4:12 a.m.2 views

SUSE CVE-2024-0135

NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to modification of a host binary. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure,...

7.6CVSS7.2AI score0.01088EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2025/01/29 4:12 a.m.4 views

SUSE CVE-2024-0136

NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to untrusted code obtaining read and write access to host devices. This vulnerability is present only when the NVIDIA Container Toolkit is configured in a nondefault way. A...

7.6CVSS7.2AI score0.0066EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2025/01/29 4:12 a.m.3 views

SUSE CVE-2024-0137

NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to untrusted code running in the host's network namespace. This vulnerability is present only when the NVIDIA Container Toolkit is configured in a nondefault way. A successfu...

5.5CVSS5.7AI score0.00318EPSS
Exploits0References4
Rows per page
Query Builder