NVIDIA Container Toolkit Arbitrary Code Execution Vulnerability Allowing Privilege Escalation

Vulnerability

A vulnerability exists in the NVIDIA Container Toolkit for all platforms, specifically within certain hooks used to initialize containers. This vulnerability allows an attacker to execute arbitrary code with elevated permissions. Exploitation of this issue could result in unauthorized privilege escalation, data tampering, information disclosure, and denial-of-service conditions.

Impact

Exploitation of this vulnerability could lead to unauthorized execution of code with elevated privileges, allowing for privilege escalation, data tampering, unauthorized information access, and denial-of-service conditions.

Remediation

Users can update to NVIDIA Container Toolkit version 1.17.8. For those using the NVIDIA GPU Operator, version 25.3.1 is available. Instructions for updating both the Container Toolkit and GPU Operator can be found in the respective documentation.

Added: Jul 17, 2025, 8:44 PM
Updated: Jul 17, 2025, 9:55 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 10.0
exploitability: 3.3
remediation: 0.0
relevance: 0.3
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.