Description
NVIDIA Container Toolkit for all platforms contains a vulnerability in the update-ldcache hook, where an attacker could cause a link following by using a specially crafted container image. A successful exploit of this vulnerability might lead to data tampering and denial of service.
A flaw was found in nvidia-container-toolkit. The update-ldcache hook contains a vulnerability allowing an attacker to trigger link following via a specially crafted container image. This issue allows a local attacker to potentially cause data corruption. The root cause is the improper handling of container image paths during the link cache update process, which may result in data loss.
Statement
RHEL AI is not affected because it uses CDI mode with NVIDIA Container Toolkit versions later than 1.17.5, which are not vulnerable, and does not rely on the enable-cuda-compat hook, thereby eliminating the attack vector entirely. This vulnerability is rated as Important instead of Critical because, while it involves a symlink attack via the update-ldcache hook in the NVIDIA Container Toolkit, it has limited impact and specific requirements. The attacker needs low privileges inside a container and must use a specially crafted image to trigger the issue. It does not lead to code execution or privilege escalation, and it has no impact on confidentiality—only potential data tampering or denial of service. Additionally, the vulnerability affects only setups using this specific hook and can be easily mitigated by disabling it.
Mitigation
This vulnerability can be mitigated by opting out of using the enable-cuda-compat hook. When using the NVIDIA Container Runtime in legacy mode, you can opt out of using the enable-cuda-compat hook by editing the /etc/nvidia-container-toolkit/config.toml file to set the features.disable-cuda-compat-lib-hook feature flag to true:

```toml
[features]
disable-cuda-compat-lib-hook = true
```
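The following POSIX shell script is an added compliance check, not part of this advisory or of the NVIDIA Container Toolkit: it reads a config.toml and reports whether the opt-out above is actually in force, i.e. whether `disable-cuda-compat-lib-hook = true` appears inside the `[features]` table rather than elsewhere in the file. The function name, the default path handling and the sample configurations in the comments are assumptions made for this example; only the file path and the flag name come from the advisory.

```shell
#!/bin/sh
# Added example (not from the advisory): verify the enable-cuda-compat hook
# opt-out from the mitigation section is set in the toolkit config.
# Usage: sh check_cuda_compat_optout.sh [/path/to/config.toml]
# Exit status 0 = hook opted out, 1 = still enabled, 2 = config unreadable.
CONFIG_DEFAULT=/etc/nvidia-container-toolkit/config.toml

check_cuda_compat_optout() {
    cfg="${1:-$CONFIG_DEFAULT}"
    if [ ! -r "$cfg" ]; then
        # No config file means toolkit defaults, where the hook is enabled.
        echo "config not readable: $cfg (assuming defaults: hook ENABLED)" >&2
        return 2
    fi
    # Track which TOML table we are in; only a key under [features] counts.
    # Comments and whitespace are stripped before comparing the key/value.
    state=$(awk '
        /^[[:space:]]*#/ { next }
        /^[[:space:]]*\[/ {
            in_features = ($0 ~ /^[[:space:]]*\[features\][[:space:]]*$/)
            next
        }
        in_features {
            line = $0
            sub(/#.*/, "", line)
            gsub(/[[:space:]]/, "", line)
            if (line == "disable-cuda-compat-lib-hook=true") found = 1
        }
        END { print found ? "disabled" : "enabled" }
    ' "$cfg")
    echo "enable-cuda-compat hook: $state ($cfg)"
    [ "$state" = "disabled" ]
}

# Run the check only when a path is given on the command line, so the file
# can also be sourced for its function without side effects.
if [ $# -gt 0 ]; then
    check_cuda_compat_optout "$1"
fi
```

The check deliberately ignores the same key placed under another table (for example `[nvidia-container-cli]`), because the advisory specifies the `features` table; a stray copy elsewhere would not disable the hook.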
Affected packages
Platform | Package | State | Advisory | Release |
---|---|---|---|---|
Red Hat Enterprise Linux 10 | toolbox | Not affected | | |
Red Hat Enterprise Linux 9 | toolbox | Not affected | | |
Red Hat Enterprise Linux AI (RHEL AI) | rhelai1/bootc-amd-rhel9 | Not affected | | |
Red Hat Enterprise Linux AI (RHEL AI) | rhelai1/bootc-aws-nvidia-rhel9 | Not affected | | |
Red Hat Enterprise Linux AI (RHEL AI) | rhelai1/bootc-azure-amd-rhel9 | Not affected | | |
Red Hat Enterprise Linux AI (RHEL AI) | rhelai1/bootc-azure-nvidia-rhel9 | Not affected | | |
Red Hat Enterprise Linux AI (RHEL AI) | rhelai1/bootc-gcp-nvidia-rhel9 | Not affected | | |
Red Hat Enterprise Linux AI (RHEL AI) | rhelai1/bootc-intel-rhel9 | Not affected | | |
Red Hat Enterprise Linux AI (RHEL AI) | rhelai1/bootc-nvidia-rhel9 | Not affected | | |
Red Hat Enterprise Linux AI (RHEL AI) | rhelai1/granite-3.1-8b-lab-v2.1 | Not affected | | |
Additional information
Status: 8.5 High (CVSS3)
Related vulnerabilities
NVIDIA Container Toolkit for all platforms contains a vulnerability in the update-ldcache hook, where an attacker could cause a link following by using a specially crafted container image. A successful exploit of this vulnerability might lead to data tampering and denial of service.
A vulnerability in the update-ldcache function of the NVIDIA Container Toolkit container build-and-run software and of the NVIDIA GPU Operator resource-management tool, allowing an attacker to gain unauthorized access to modify protected information or to cause a denial of service.
8.5 High (CVSS3)