{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-0132", "assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6", "state": "PUBLISHED", "assignerShortName": "nvidia", "dateReserved": "2023-12-02T00:42:43.107Z", "datePublished": "2024-09-26T05:18:33.211Z", "dateUpdated": "2024-09-27T03:55:16.649Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["Linux"], "product": "Container Toolkit", "vendor": "NVIDIA", "versions": [{"status": "affected", "version": "All versions up to and including v1.16.1"}]}, {"defaultStatus": "unaffected", "platforms": ["Linux"], "product": "GPU Operator", "vendor": "NVIDIA", "versions": [{"status": "affected", "version": "All versions up to and including 24.6.1"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use (TOCTOU) vulnerability when used with default configuration where a specifically crafted container image may gain access to the host file system. This does not impact use cases where CDI is used. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.</span>"}], "value": "NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use (TOCTOU) vulnerability when used with default configuration where a specifically crafted container image may gain access to the host file system. This does not impact use cases where CDI is used. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering."}], "impacts": [{"descriptions": [{"lang": "en", "value": "Code execution, denial of service, escalation of privileges, information disclosure, data tampering"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-367", "description": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6", "shortName": "nvidia", "dateUpdated": "2024-09-26T05:18:33.211Z"}, "references": [{"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5582"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"affected": [{"vendor": "nvidia", "product": "container_toolkit", "cpes": ["cpe:2.3:a:nvidia:container_toolkit:*:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.16.1", "versionType": "custom"}]}, {"vendor": "nvidia", "product": "gpu_operator", "cpes": ["cpe:2.3:a:nvidia:gpu_operator:*:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "24.6.1", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-26T00:00:00+00:00", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3", "id": "CVE-2024-0132"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-27T03:55:16.649Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-0132", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-09-26T13:31:20.975682Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:nvidia:container_toolkit:*:*:*:*:*:*:*:*"], "vendor": "nvidia", "product": "container_toolkit", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "1.16.1"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:a:nvidia:gpu_operator:*:*:*:*:*:*:*:*"], "vendor": "nvidia", "product": "gpu_operator", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "24.6.1"}], "defaultStatus": "unaffected"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-26T13:36:21.851Z"}}], "cna": {"source": {"discovery": "UNKNOWN"}, "impacts": [{"descriptions": [{"lang": "en", "value": "Code execution, denial of service, escalation of privileges, information disclosure, data tampering"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 9, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "NVIDIA", "product": "Container Toolkit", "versions": [{"status": "affected", "version": "All versions up to and including v1.16.1"}], "platforms": ["Linux"], "defaultStatus": "unaffected"}, {"vendor": "NVIDIA", "product": "GPU Operator", "versions": [{"status": "affected", "version": "All versions up to and including 24.6.1"}], "platforms": ["Linux"], "defaultStatus": "unaffected"}], "references": [{"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5582"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use (TOCTOU) vulnerability when used with default configuration where a specifically crafted container image may gain access to the host file system. This does not impact use cases where CDI is used. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use (TOCTOU) vulnerability when used with default configuration where a specifically crafted container image may gain access to the host file system. This does not impact use cases where CDI is used. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.</span>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-367", "description": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition"}]}], "providerMetadata": {"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6", "shortName": "nvidia", "dateUpdated": "2024-09-26T05:18:33.211Z"}}}, "cveMetadata": {"cveId": "CVE-2024-0132", "state": "PUBLISHED", "dateUpdated": "2024-09-27T03:55:16.649Z", "dateReserved": "2023-12-02T00:42:43.107Z", "assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6", "datePublished": "2024-09-26T05:18:33.211Z", "assignerShortName": "nvidia"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:nvidia:nvidia_container_toolkit:*:*:*:*:*:*:*:*", "matchCriteriaId": "55455A6E-4257-4750-9A18-8D8A5EA029B7", "versionEndExcluding": "1.16.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:nvidia:nvidia_gpu_operator:*:*:*:*:*:*:*:*", "matchCriteriaId": "28B17317-5E43-4842-BB41-6E459FAD3D40", "versionEndExcluding": "24.6.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use (TOCTOU) vulnerability when used with default configuration where a specifically crafted container image may gain access to the host file system. This does not impact use cases where CDI is used. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering."}, {"lang": "es", "value": "NVIDIA Container Toolkit 1.16.1 o versiones anteriores contienen una vulnerabilidad de tipo TOCTOU (Time-of-check Time-of-Use) cuando se utiliza con la configuraci\u00f3n predeterminada, en la que una imagen de contenedor manipulada espec\u00edficamente puede obtener acceso al sistema de archivos del host. Esto no afecta a los casos de uso en los que se utiliza CDI. Una explotaci\u00f3n exitosa de esta vulnerabilidad puede provocar la ejecuci\u00f3n de c\u00f3digo, la denegaci\u00f3n de servicio, la escalada de privilegios, la divulgaci\u00f3n de informaci\u00f3n y la manipulaci\u00f3n de datos."}], "id": "CVE-2024-0132", "lastModified": "2024-10-02T14:45:36.160", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 6.0, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 6.0, "source": "psirt@nvidia.com", "type": "Secondary"}]}, "published": "2024-09-26T06:15:02.397", "references": [{"source": "psirt@nvidia.com", "tags": ["Vendor Advisory"], "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5582"}], "sourceIdentifier": "psirt@nvidia.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-367"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-367"}], "source": "psirt@nvidia.com", "type": "Secondary"}]}

{"bugzilla": {"description": "nvidia-container-toolkit: Time-of-check Time-of-use (TOCTOU) Race Condition in NVIDIA Container toolkit", "id": "2314824", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2314824"}, "csaw": false, "cvss3": {"cvss3_base_score": "8.3", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "status": "draft"}, "cwe": "CWE-367", "details": ["NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use (TOCTOU) vulnerability when used with default configuration where a specifically crafted container image may gain access to the host file system. This does not impact use cases where CDI is used. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.", "A flaw was found in the NVIDIA Container Toolkit. Affected versions contain a Time-of-check Time-of-Use (TOCTOU) vulnerability when used with the default configuration, where a specifically crafted container image may gain access to the host file system. This issue does not impact use cases where CDI is used.\nThe original fix for the vulnerability shipped by upstream was incomplete. The fix has been continued on CVE-2025-23359.\nThe Container Device Interface (CDI) provides a standardized way to expose hardware devices like GPUs to containers, enabling more secure and predictable deployments. By clearly separating device access from the underlying container runtime, CDI helps contain the impact of bugs or vulnerabilities in device drivers. This isolation extends across container layers, so even if another container is built on top of one that implements CDI, hardware access remains controlled and protected, preserving security in derivative workloads.\nA successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-0132", "package_state": [{"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Not affected", "package_name": "rhelai1/bootc-nvidia-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}], "public_date": "2024-09-26T06:15:02Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-0132\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-0132\nhttps://nvidia.custhelp.com/app/answers/detail/a_id/5582"], "statement": "No Red Hat containers are vulnerable because they all implement CDI.\nDue to specific prerequisites, this vulnerability in the NVIDIA Container Toolkit does not affect Red Hat Products and is rated as Important severity rather than Critical. First, a specifically crafted container image is required for effective exploitation. Red Hat signs all containers to ensure their authenticity, integrity and security. If such a container is used either on its own or as a lower layer, this bug can not be exploited. Additionally, this vulnerability is not zero touch, and needs active user interaction to work, further reducing the likelihood of an attack. Most importantly, this vulnerability does not impact use cases that comply with our operating procedures by utilizing the Container Device Interface (CDI). Furthermore, for an attacker to deploy a crafted container image, they would need an environment that permits untrusted containers, which is a scenario that is not typical for Red Hat customers.", "threat_severity": "Important"}

{}