Описание
NVIDIA Container Toolkit for all platforms contains a vulnerability in some hooks used to initialize the container, where an attacker could execute arbitrary code with elevated permissions. A successful exploit of this vulnerability might lead to escalation of privileges, data tampering, information disclosure, and denial of service.
A flaw was found in the NVIDIA Container Toolkit. This vulnerability allows execution of arbitrary code with elevated permissions via improperly secured container initialization hooks. This can potentially lead to privilege escalation, data tampering, information disclosure, and denial of service.
Отчет
RHEL AI is not affected because it uses CDI mode with NVIDIA Container Toolkit versions later than 1.17.5, which are not vulnerable, and does not rely on the enable-cuda-compat hook, thereby eliminating the attack vector entirely. This vulnerability is marked as Important rather than Critical primarily due to its attack prerequisites and execution context, despite its high CVSS score. While the vulnerability allows privilege escalation via the enable-cuda-compat hook in the NVIDIA Container Toolkit, it is not exploitable remotely—it requires local access and low privileges within a containerized environment. This significantly reduces its initial attack surface compared to a truly critical vulnerability that could be exploited over the network without authentication.
Меры по смягчению последствий
No mitigation is currently available that meets Red Hat Product Security’s standards for usability, deployment, applicability, or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux AI (RHEL AI) | rhelai1/bootc-amd-rhel9 | Not affected | ||
| Red Hat Enterprise Linux AI (RHEL AI) | rhelai1/bootc-aws-nvidia-rhel9 | Not affected | ||
| Red Hat Enterprise Linux AI (RHEL AI) | rhelai1/bootc-azure-amd-rhel9 | Not affected | ||
| Red Hat Enterprise Linux AI (RHEL AI) | rhelai1/bootc-azure-nvidia-rhel9 | Not affected | ||
| Red Hat Enterprise Linux AI (RHEL AI) | rhelai1/bootc-gcp-nvidia-rhel9 | Not affected | ||
| Red Hat Enterprise Linux AI (RHEL AI) | rhelai1/bootc-intel-rhel9 | Not affected | ||
| Red Hat Enterprise Linux AI (RHEL AI) | rhelai1/bootc-nvidia-rhel9 | Not affected | ||
| Red Hat Enterprise Linux AI (RHEL AI) | rhelai1/granite-3.1-8b-lab-v2.1 | Not affected | ||
| Red Hat Enterprise Linux AI (RHEL AI) | rhelai1/granite-3.1-8b-starter-v2.1 | Not affected | ||
| Red Hat Enterprise Linux AI (RHEL AI) | rhelai1/instructlab-amd-rhel9 | Not affected |
Показывать по
Дополнительная информация
Статус:
9 Critical
CVSS3
Связанные уязвимости
NVIDIA Container Toolkit for all platforms contains a vulnerability in some hooks used to initialize the container, where an attacker could execute arbitrary code with elevated permissions. A successful exploit of this vulnerability might lead to escalation of privileges, data tampering, information disclosure, and denial of service.
NVIDIA Container Toolkit for all platforms contains a vulnerability in some hooks used to initialize the container, where an attacker could execute arbitrary code with elevated permissions. A successful exploit of this vulnerability might lead to escalation of privileges, data tampering, information disclosure, and denial of service.
Уязвимость функции enable-cuda-compat программного обеспечения для создания и запуска контейнеров NVIDIA Container Toolkit и программного средства для управления ресурсами NVIDIA GPU Operator, позволяющая нарушителю выполнить произвольный код, повысить свои привилегии, получить несанкционированный доступ на чтение и изменение защищаемой информации или вызвать отказ в обслуживании
9 Critical
CVSS3