Exploits

Critical Flaw in NVIDIA Container Toolkit Allows Full Host Access

Published  ·  1 min read

A critical security vulnerability has been discovered in the NVIDIA Container Toolkit, potentially allowing attackers to escape container isolation and gain full access to the host system.

Tracked as CVE-2024-0132, the flaw has a CVSS score of 9.0, making it highly severe. The vulnerability exists in NVIDIA Container Toolkit versions 1.16.1 and earlier, as well as NVIDIA GPU Operator versions 24.6.1 and earlier, and is caused by a Time-of-Check Time-of-Use (TOCTOU) flaw in the default configuration. NVIDIA has released updates (v1.16.2 and v24.6.2) to address the issue.

Cloud security firm Wiz identified the flaw, noting that it could allow an attacker to create a malicious container image that escapes the container’s boundaries and gains full control of the host. This could happen in scenarios like supply chain attacks or shared GPU resource environments.

The attack can grant access to Container Runtime Unix sockets (like docker.sock), enabling the attacker to run arbitrary commands with root privileges, posing a severe threat to multi-tenant environments where multiple applications share the same host.

Though technical details are withheld to prevent exploitation, users are urged to apply patches immediately to avoid potential breaches.

Professional Services

Explore Our Cybersecurity Services

Our insights are backed by hands-on service delivery. If your business needs professional cybersecurity support, our UK-based specialists are ready to help.

© 2016 – 2026 Red Secure Tech Ltd. Registered in England and Wales — Company No: 15581067