https://www.wiz.io/blog/wiz-research-critical-nvidia-ai-vulnerability

A severe security flaw has been discovered in Nvidia’s Container Toolkit, a widely used tool for running AI applications in containerized environments. The vulnerability, designated CVE-2024-0132, could allow attackers to escape containers and gain full control of the host system.

Wiz researchers identified a Time-of-check Time-of-Use (TOCTOU) vulnerability that could be exploited to execute code, steal data, or tamper with systems. The flaw impacts Nvidia Container Toolkit version 1.16.1 when used with default settings, leaving cloud environments vulnerable to attacks.

Nvidia has acknowledged the severity of the issue, assigning it a CVSS score of 9/10. The vulnerability poses a significant threat to over 35% of cloud environments using Nvidia GPUs, according to Wiz.

This vulnerability is particularly concerning in orchestrated environments where GPUs are shared among multiple workloads. Malicious actors could introduce a compromised container, break free of it, and leverage the host system’s secrets to infiltrate other services. Cloud service providers and organizations using third-party container images or AI models are especially vulnerable.

Nvidia has released patches to address the vulnerability. Organizations using Nvidia Container Toolkit are advised to update to the latest version as soon as possible.