CVE-2024-0137

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Jan 28, 2025

CWE ID 653

Summary

CVE-2024-0137 is a newly discovered vulnerability affecting NVIDIA Container Toolkit. This issue involves an improper isolation flaw that can allow a maliciously crafted container image to execute untrusted code in the host's network namespace. The risk is heightened when the NVIDIA Container Toolkit is configured in a nonstandard manner. A successful exploit could potentially result in denial-of-service attacks and privilege escalation. Users are urged to update their NVIDIA Container Toolkit to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Container Toolkit

Affected Vendors

NVIDIA

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/2dQ9dx
https://www.cve.org/CVERecord?id=CVE-2024-0137
https://nvd.nist.gov/vuln/detail/CVE-2024-0137

Back to Vulnerability Database