Описание
NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to modification of a host binary. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
An improper isolation vulnerability was found in the NVIDIA Container Toolkit, where a specially crafted container image could lead to modification of a host binary. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
Отчет
Due to certain circumstances, this vulnerability in the NVIDIA Container Toolkit is not affecting Red Hat Products and is rated as Important severity rather than Critical. First, a specifically crafted container image is required for effective exploitation. Only Red Hat Signed containers are offered. Additionally, user interaction is required for exploitation, further reducing the likelihood of an attack. Most importantly, this vulnerability does not impact use cases that comply with our operating procedures by utilizing the Container Device Interface (CDI). As a result, this vulnerability does not affect Red Hat products because of the use of CDI. Furthermore, for an attacker to deploy a crafted container image, they would need an environment that permits untrusted containers, which is a scenario that is not typical for Red Hat customers.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 9 | toolbox | Not affected |
Показывать по
Дополнительная информация
Статус:
7.6 High
CVSS3
Связанные уязвимости
NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to modification of a host binary. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to modification of a host binary. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
Уязвимость программного обеспечения для создания и запуска контейнеров NVIDIA Container Toolkit, связанная с недостаточным пространственным разделением, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
7.6 High
CVSS3