Essential NVIDIA Container Toolkit Vulnerability May Grant Full Host Entry to Attackers

Sep 27, 2024Ravie LakshmananContainer Safety / Cloud Computing

A crucial safety flaw has been disclosed within the NVIDIA Container Toolkit that, if efficiently exploited, may permit risk actors to interrupt out of the confines of a container and achieve full entry to the underlying host.

The vulnerability, tracked as CVE-2024-0132, carries a CVSS rating of 9.0 out of a most of 10.0. It has been addressed in NVIDIA Container Toolkit model v1.16.2 and NVIDIA GPU Operator model 24.6.2.

“NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use (TOCTOU) vulnerability when used with default configuration where a specifically crafted container image may gain access to the host file system,” NVIDIA stated in an advisory.

Cybersecurity

“A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.”

The problem impacts all variations of NVIDIA Container Toolkit as much as and together with v1.16.1, and Nvidia GPU Operator as much as and together with 24.6.1. Nonetheless, it doesn’t have an effect on use instances the place Container Machine Interface (CDI) is used.

Cloud safety agency Wiz, which found and reported the flaw to NVIDIA on September 1, 2024, stated it could permit an attacker who controls the container pictures run by the Toolkit to carry out a container escape and achieve full entry to the underlying host.

In an hypothetical assault state of affairs, a risk actor may weaponize the shortcoming by making a rogue container picture that, when run on the goal platform both straight or not directly, grants them full entry to the file system.

This might materialize within the type of a provide chain assault the place the sufferer is tricked into working the malicious picture, or, alternatively, through companies that permit shared GPU sources.

“With this access, the attacker can now reach the Container Runtime Unix sockets (docker.sock/containerd.sock),” safety researchers Shir Tamari, Ronen Shustin, and Andres Riancho stated.

“These sockets can be used to execute arbitrary commands on the host system with root privileges, effectively taking control of the machine.”

Cybersecurity

The issue poses a extreme danger to orchestrated, multi-tenant environments, because it may allow an attacker to flee the container and acquire entry to knowledge and secrets and techniques of different functions working on the identical node, and even the identical cluster.

Technical facets of the assault have been withheld at this stage to stop exploitation efforts. It is extremely advisable that customers take steps to use the patches to safeguard in opposition to potential threats.

“While the hype concerning AI security risks tends to focus on futuristic AI-based attacks, ‘old-school’ infrastructure vulnerabilities in the ever-growing AI tech stack remain the immediate risk that security teams should prioritize and protect against,” the researchers stated.

Discovered this text attention-grabbing? Comply with us on Twitter and LinkedIn to learn extra unique content material we submit.

Recent articles

Patch Alert: Essential Apache Struts Flaw Discovered, Exploitation Makes an attempt Detected

Dec 18, 2024Ravie LakshmananCyber Assault / Vulnerability Risk actors are...

Meta Fined €251 Million for 2018 Knowledge Breach Impacting 29 Million Accounts

Dec 18, 2024Ravie LakshmananKnowledge Breach / Privateness Meta Platforms, the...