Security News > 2024 > September > Critical NVIDIA Container Toolkit Vulnerability Could Grant Full Host Access to Attackers

Critical NVIDIA Container Toolkit Vulnerability Could Grant Full Host Access to Attackers
2024-09-27 05:54

A critical security flaw has been disclosed in the NVIDIA Container Toolkit that, if successfully exploited, could allow threat actors to break out of the confines of a container and gain full access to the underlying host. The vulnerability, tracked as CVE-2024-0132, carries a CVSS score of 9.0 out of a maximum of 10.0. It has been addressed in NVIDIA Container Toolkit version v1.16.2 and


News URL

https://thehackernews.com/2024/09/critical-nvidia-container-toolkit.html

Related news

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2024-09-26 CVE-2024-0132 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Nvidia Container Toolkit and Nvidia GPU Operator
NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use (TOCTOU) vulnerability when used with default configuration where a specifically crafted container image may gain access to the host file system.
network
high complexity
nvidia CWE-367
8.3
8.3

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Nvidia 235 12 178 319 15 524