Critical Nvidia Container Flaw Exposes Cloud AI Systems to Host Takeover


A critical vulnerability in Nvidia’s Container Toolkit, widely used across cloud environments and AI workloads, can be exploited to escape containers and take control of the underlying host system.

That’s the stark warning from researchers at Wiz after discovering a TOCTOU (time-of-check to time-of-use) vulnerability that exposes enterprise cloud environments to code execution, information disclosure and data tampering attacks.

The flaw, tagged as CVE-2024-0132, affects Nvidia Container Toolkit 1.16.1 when used with the default configuration, where a specifically crafted container image may gain access to the host file system.

“A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering,” Nvidia said in an advisory with a CVSS severity score of 9/10.

According to documentation from Wiz, the flaw threatens more than 35% of cloud environments using Nvidia GPUs, allowing attackers to escape containers and take ...


Copyright of this story solely belongs to SecurityWeek.