CVE-2024-0136

CVSS 3.1 Score 7.6 of 10 (high)

Details

Published Jan 28, 2025

CWE ID 653

Summary

CVE-2024-0136 is a vulnerability affecting NVIDIA Container Toolkit. This issue involves an improper isolation problem, allowing a specifically crafted container image to grant untrusted code unauthorized read and write access to host devices. The risk is heightened when the NVIDIA Container Toolkit is configured in a non-default mode. Successful exploitation of this weakness could result in code execution, denial of service, privilege escalation, information disclosure, and data tampering.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/2dQ9dv
https://www.cve.org/CVERecord?id=CVE-2024-0136
https://nvd.nist.gov/vuln/detail/CVE-2024-0136

Back to Vulnerability Database

CVE-2024-0136

CVSS 3.1 Score 7.6 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations