CVE-2024-0132: Critical Vulnerability in NVIDIA Container Toolkit

Overview:

A critical security vulnerability has been disclosed in NVIDIA Container Toolkit v1.16.2 and NVIDIA GPU Operator v24.6.2. The critical security flaw, if exploited could allow threat actors to break out of the confines of a container and gain full access to the host machine.

CVECVE-2024-0132
CVE-2024-0133
CVSS v3Highest 9.0
Publish Date09-Sep-2024
Impacted Software<=v1.16.1 for NVIDIA Container Toolkit
<=v24.6.1 for NVIDIA GPU Operator
Exploit availabilityNO as on post date

CVE-2024-0132 is discovered by WIZ research team. CVE exploit Time-of-check Time-of-use (TOCTOU) Race Condition


Comments

Leave a Reply

Your email address will not be published. Required fields are marked *