Serious vulnerability discovered in NVIDIA's container toolkit
What you need to know about the NVIDIA container toolkit bug and how to protect yourself
A serious vulnerability (CVE-2024-0132) in NVIDIA's Container Toolkit allows attackers to gain control over a host system. It affects versions up to 1.16.1. NVIDIA has released urgent updates to address the issue.
A critical security flaw has been discovered in NVIDIA’s Container Toolkit, container management software used in cloud computing and AI environments. The vulnerability, tracked as CVE-2024-0132, allows attackers to escape from containers and gain full control of the host system. The issue affects all versions up to 1.16.1 of the Container Toolkit and 24.6.1 of the GPU Operator. NVIDIA promptly released a patch with the new versions 1.16.2 of the Toolkit and 24.6.2 of the Operator. A study by security firm Wiz found that approximately 33% of cloud environments use a vulnerable version of the software.
Severity and potential risks of the CVE-2024-0132 vulnerability
The CVE-2024-0132 vulnerability has a severity score of 9.0 out of 10 on the CVSS scale. NVIDIA has confirmed that the flaw could allow arbitrary code execution, denial-of-service attacks, privilege escalation, information leakage, and data alteration. The issue involves a time-of-check to time-of-use (TOCTOU) race condition, which could allow an attacker to access unauthorized resources. To exploit this vulnerability, an attacker would need to create a specially crafted container image and run it on the target platform.
Impact of vulnerability in shared environments and attack scenarios
A single-tenant computing environment could be compromised if a user is tricked, via social engineering, into downloading a malicious container image. In shared environments like Kubernetes, a user with permissions to deploy containers could escape the container and access data from other applications on the same node or cluster. This scenario is of particular concern for AI service providers that let their customers run their own GPU-enabled container images. In such an attack, the attacker could use secrets found on the host machine to target the cloud service’s control systems, gaining access to other customers’ sensitive information.
Urgent need for updates and mitigations
NVIDIA strongly recommends updating to the latest versions of the Container Toolkit and GPU Operator immediately to mitigate the vulnerability. Wiz, the security firm that discovered the vulnerability, is withholding additional technical details to allow vulnerable organizations to apply the necessary patches before attackers can exploit it. Given the widespread use of NVIDIA tools in cloud and AI contexts, the potential scope of this vulnerability is considerable. Organizations using containers and NVIDIA GPUs should immediately review their installed versions and plan to update as soon as possible to prevent potential compromise of their systems.
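The version review recommended above, as an added example that is not part of the article and not NVIDIA's own tooling: a small POSIX shell check that compares an installed version against the fixed releases named here (Toolkit 1.16.2, GPU Operator 24.6.2). It assumes the `nvidia-ctk --version` banner contains a dotted version number.

```shell
#!/bin/sh
# Added example (not from the article or NVIDIA): classify an installed
# NVIDIA Container Toolkit / GPU Operator version against the releases the
# article names as fixed for CVE-2024-0132. Assumption: `nvidia-ctk --version`
# prints a banner containing a dotted version such as "... version 1.16.1".

FIXED_TOOLKIT_VERSION="1.16.2"    # first Container Toolkit release with the fix
FIXED_OPERATOR_VERSION="24.6.2"   # first GPU Operator release with the fix

# version_lt A B: succeed (exit 0) when dotted version A is numerically lower
# than B. Compares component by component; missing components count as 0.
version_lt() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        n = split(a, pa, "."); m = split(b, pb, ".")
        len = (n > m) ? n : m
        for (i = 1; i <= len; i++) {
            x = (i <= n) ? pa[i] + 0 : 0
            y = (i <= m) ? pb[i] + 0 : 0
            if (x < y) exit 0
            if (x > y) exit 1
        }
        exit 1   # equal versions are not "lower"
    }'
}

# extract_version TEXT: print the x.y.z version found in a banner (or a bare
# version string). A leading space is prepended so a version at the start of
# the text is still preceded by a non-version character for the pattern.
extract_version() {
    printf ' %s\n' "$1" |
        sed -n 's/^.*[^0-9.]\([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\).*$/\1/p' |
        head -n 1
}

# classify_version INSTALLED FIXED: print "vulnerable", "patched" or "unknown";
# exit status 1 for vulnerable, 2 for unknown, 0 for patched.
classify_version() {
    installed=$(extract_version "$1")
    if [ -z "$installed" ]; then
        echo "unknown"; return 2
    fi
    if version_lt "$installed" "$2"; then
        echo "vulnerable"; return 1
    fi
    echo "patched"; return 0
}

# Live check of the local toolkit when the (assumed) nvidia-ctk CLI is present.
if command -v nvidia-ctk >/dev/null 2>&1; then
    classify_version "$(nvidia-ctk --version 2>/dev/null)" "$FIXED_TOOLKIT_VERSION" || :
fi
```

The GPU Operator version is obtained differently (for example from the deployed Helm release); pass that string with `FIXED_OPERATOR_VERSION` to the same function.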
09/29/2024 17:47
Marco Verro