Critical flaw in NVIDIA Container Toolkit allows full host takeover


A critical vulnerability in NVIDIA Container Toolkit impacts all AI applications in a cloud or on-premise environment that rely on it to access GPU resources.

The security issue is tracked as CVE-2024-0132 and allows an adversary to perform container escape attacks and gain full access to the host system, where they could execute commands or exfiltrate sensitive information.

The particular library comes pre-installed in many AI-focused platforms and virtual machine images and is the standard tool for GPU access when NVIDIA hardware is involved.

According to Wiz Research, more than 35% of cloud environments are at risk of attacks exploiting the vulnerability.

Container escape flaw

The security issue CVE-2024-0132 received a critical-severity score of 9.0. It is a container escape problem that affects NVIDIA Container Toolkit 1.16.1 and earlier, and GPU Operator 24.6.1 and older.

The problem is a lack of secure isolation of the containerized GPU from the host, allowing containers to mount sensitive parts of the host filesystem or access runtime resources like Unix sockets for inter-process communication.

While most filesystems are mounted with “read-only” permissions, certain Unix sockets such as ‘docker.sock’ and ‘containerd.sock’ remain writable, allowing direct interactions with the host, including command execution.

An attacker can take advantage of this omission via a specially crafted container image and reach the host when executed.

Wiz says that such an attack could be carried out either directly, via shared GPU resources, or indirectly, when the target runs an image downloaded from a bad source.

Wiz researchers discovered the vulnerability and reported it to NVIDIA on September 1st. The GPU maker acknowledged the report a couple of days later, and released a fix on September 26th.

Impacted users are recommended to upgrade to NVIDIA Container Toolkit version 1.16.2 and NVIDIA GPU Operator 24.6.2.
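A defender-side check that follows from the advisory, added here as an example and not code from the article, Wiz, or NVIDIA: it compares an installed NVIDIA Container Toolkit or GPU Operator version against the fixed versions named above (1.16.2 and 24.6.2), and it scans `docker inspect` output for containers that have the host's docker.sock or containerd.sock bind-mounted writable, the kind of writable host resource the article says the flaw leaves reachable. The version-banner format, the `nvidia-ctk --version` command, and the `docker inspect` JSON shape are assumptions of this example, and all inputs are constructed samples so the script runs offline; it does not reproduce the (still private) exploit mechanism.

```python
"""Added example (not from the article): CVE-2024-0132 exposure check for operators."""
import json
import re
from typing import Dict, List, Optional, Tuple

Version = Tuple[int, int, int]

# Fixed versions as stated in the article.
FIXED_TOOLKIT: Version = (1, 16, 2)
FIXED_OPERATOR: Version = (24, 6, 2)

# Host sockets the article names as remaining writable from inside a container.
SENSITIVE_SOCKETS = ("docker.sock", "containerd.sock")

_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)")


def parse_version(text: str) -> Optional[Version]:
    """Extract the first x.y.z triple from a version banner such as
    'NVIDIA Container Toolkit CLI version 1.16.1' (banner format assumed)."""
    m = _VERSION_RE.search(text)
    if not m:
        return None
    return (int(m.group(1)), int(m.group(2)), int(m.group(3)))


def needs_upgrade(installed: Optional[Version], fixed: Version) -> bool:
    """True when the installed version is older than the fixed one.
    An unparseable version is treated as unpatched rather than silently passing."""
    if installed is None:
        return True
    return installed < fixed


def writable_host_socket_mounts(inspect_output: str) -> List[Dict[str, str]]:
    """Return bind mounts of docker.sock / containerd.sock that are writable (RW)
    from `docker inspect` JSON: a list of container objects with a 'Mounts' array
    (shape assumed for this example)."""
    findings: List[Dict[str, str]] = []
    for container in json.loads(inspect_output):
        name = container.get("Name", "").lstrip("/")
        for mount in container.get("Mounts", []):
            source = mount.get("Source", "")
            if (mount.get("Type") == "bind"
                    and source.endswith(SENSITIVE_SOCKETS)
                    and mount.get("RW", False)):
                findings.append({
                    "container": name,
                    "source": source,
                    "destination": mount.get("Destination", ""),
                })
    return findings


def assess(toolkit_banner: str, operator_version: str, inspect_output: str) -> dict:
    """Combine the version gate and the socket-mount scan into one report."""
    return {
        "toolkit_needs_upgrade": needs_upgrade(parse_version(toolkit_banner), FIXED_TOOLKIT),
        "operator_needs_upgrade": needs_upgrade(parse_version(operator_version), FIXED_OPERATOR),
        "writable_socket_mounts": writable_host_socket_mounts(inspect_output),
    }


# Constructed sample of what `nvidia-ctk --version` might print (format assumed).
SAMPLE_TOOLKIT_BANNER = "NVIDIA Container Toolkit CLI version 1.16.1\ncommit: 0000000"
# Constructed GPU Operator version string, e.g. from a Helm chart's appVersion.
SAMPLE_OPERATOR_VERSION = "v24.6.1"
# Constructed `docker inspect` output: one container with a writable docker.sock
# bind mount, one with containerd.sock mounted read-only.
SAMPLE_INSPECT = json.dumps([
    {"Name": "/trainer", "Mounts": [
        {"Type": "bind", "Source": "/var/run/docker.sock",
         "Destination": "/var/run/docker.sock", "RW": True},
        {"Type": "bind", "Source": "/data", "Destination": "/data", "RW": False},
    ]},
    {"Name": "/inference", "Mounts": [
        {"Type": "bind", "Source": "/run/containerd/containerd.sock",
         "Destination": "/run/containerd/containerd.sock", "RW": False},
    ]},
])

if __name__ == "__main__":
    print(json.dumps(assess(SAMPLE_TOOLKIT_BANNER, SAMPLE_OPERATOR_VERSION, SAMPLE_INSPECT), indent=2))
```

On a real host, feed `assess()` the output of `nvidia-ctk --version` and `docker inspect $(docker ps -q)` (both assumed commands); a `True` in either upgrade field means the node is still on a version the article lists as affected, and any entry in `writable_socket_mounts` is a container that already holds a writable path to the host's container runtime and should be reviewed independently of the patch.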

Technical details for exploiting the security issue remain private for now, to give impacted organizations time to mitigate the issue in their environments. However, the researchers are planning to release more technical information.

Bill Toulas
