Vulnerabilities > CVE-2024-0134 - Unspecified vulnerability in Nvidia Container Toolkit and Nvidia GPU Operator

CVSS 4.1 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

LOW

Availability impact

NONE

network

low complexity

nvidia

NVD

Published: 2024-11-05

Updated: 2024-11-08

Summary

NVIDIA Container Toolkit and NVIDIA GPU Operator for Linux contain a UNIX vulnerability where a specially crafted container image can lead to the creation of unauthorized files on the host. The name and location of the files cannot be controlled by an attacker. A successful exploit of this vulnerability might lead to data tampering.

Vulnerable Configurations

Part	Description	Count
Application	Nvidia Nvidia Nvidia Container Toolkit * Nvidia Nvidia GPU Operator *	2
OS	Linux Linux Linux Kernel -	1

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5585