NVIDIA Container Toolkit Improper Isolation Vulnerability Allowing Host Binary Modification
Vulnerability
An improper isolation vulnerability has been identified in the NVIDIA Container Toolkit. A specially crafted container image could modify a host binary, potentially leading to code execution, denial of service, privilege escalation, information disclosure, and data tampering. This vulnerability affects all versions of the NVIDIA Container Toolkit up to and including v1.17.2.
Impact
Exploitation of this vulnerability could result in unauthorized modification of host binaries, allowing for code execution, denial of service, privilege escalation, information disclosure, and data tampering.
Remediation
Users should upgrade to NVIDIA Container Toolkit v1.17.3; instructions for updating can be found in the NVIDIA Container Toolkit documentation. Users of the NVIDIA GPU Operator should install the updated version 24.9.1.
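The following POSIX shell script is an added example, not part of the advisory and not NVIDIA's tooling. It classifies an installed version against the fixed releases named above. The `nvidia-ctk --version` output layout, the pre-release suffix names (`rc`, `alpha`, `beta`) and all function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not NVIDIA's tooling). Fixed releases are the ones the advisory names.
TOOLKIT_FIXED="1.17.3"
OPERATOR_FIXED="24.9.1"

# Constructed sample; the "... CLI version X.Y.Z" layout is an assumption.
SAMPLE_CTK_OUTPUT='NVIDIA Container Toolkit CLI version 1.17.2
commit: 0000000000000000000000000000000000000000'

# field N VERSION: Nth dotted field; padding makes absent fields read as 0.
field() { printf '%s.0.0\n' "$2" | cut -d. -f"$1"; }

# toolkit_version_from TEXT: pull the version token out of `nvidia-ctk --version` output.
toolkit_version_from() {
    printf '%s\n' "$1" |
        sed -n 's/^.*[Vv]ersion[[:space:]]\{1,\}\([0-9][^[:space:]]*\).*$/\1/p' | head -n 1
}

# classify INSTALLED FIXED: prints "upgrade", "ok", or "unknown".
classify() {
    inst="${1#v}"                 # tolerate a leading "v" (v24.9.0)
    core="${inst%%[-+~]*}"        # drop package revision / pre-release suffix
    case "$core" in
        ''|*[!0-9.]*|.*|*.|*..*) echo unknown; return ;;
    esac
    for i in 1 2 3; do            # numeric compare, so 1.9.0 < 1.17.3
        x=$(field "$i" "$core"); y=$(field "$i" "$2")
        if [ "$x" -lt "$y" ]; then echo upgrade; return; fi
        if [ "$x" -gt "$y" ]; then echo ok; return; fi
    done
    # Same numbers as the fix: a pre-release tag (1.17.3-rc.1) still precedes it,
    # while a packaging revision (1.17.3-1) does not.
    case "$inst" in
        *[-~]rc*|*[-~]alpha*|*[-~]beta*) echo upgrade ;;
        *) echo ok ;;
    esac
}

# Report on this host only if the CLI is present.
if command -v nvidia-ctk >/dev/null 2>&1; then
    v=$(toolkit_version_from "$(nvidia-ctk --version 2>/dev/null)")
    echo "NVIDIA Container Toolkit ${v:-?}: $(classify "$v" "$TOOLKIT_FIXED")"
fi
```

For the GPU Operator, pass the deployed version yourself, for example `classify v24.9.0 "$OPERATOR_FIXED"`, which prints `upgrade`.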
