NVIDIA has recently addressed a critical security flaw, CVE-2024-0132 [1] [2] [3] [4] [5] [6] [7] [8] [9] [10], in its Container Toolkit and GPU Operator [3] [7], identified by cybersecurity researchers at Wiz [1] [3].

Description

This vulnerability, rated 9 out of 10 for severity, is a Time-of-Check Time-of-Use (TOCTOU) flaw. Exploiting it could give threat actors access to the host's file system and potentially let them perform a container escape to gain full root privileges on the underlying host system. The flaw has been patched in version 1.16.2 of the NVIDIA Container Toolkit and version 24.6.2 of the NVIDIA GPU Operator.

This vulnerability poses a serious risk to AI applications on cloud and on-premises platforms: threat actors able to escape container environments can compromise the underlying host system, jeopardizing sensitive data and infrastructure [7]. Over 35 percent of cloud environments [7], particularly shared environments such as Kubernetes clusters [2] [10], could be impacted.

NVIDIA has released patches for both vulnerabilities [7], urging affected organizations to update to the latest versions [10]. Wiz researchers recommend prioritizing patching efforts for hosts likely to run containers from untrusted sources [7], emphasizing the need for enhanced security measures in AI infrastructures [10]. Upgrading to v1.16.2 and v24.6.2 is advised [1], especially in environments that allow third-party container images [1] [3] [7] [10]; potential attack vectors include social engineering and supply chain attacks [1].

Trend Vision One™ offers proactive protection against attacks attempting to exploit this vulnerability and can help detect vulnerabilities, malware [6], and compliance violations within container images [6].
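The patching guidance above (fixed versions 1.16.2 and 24.6.2, with hosts that run untrusted images patched first) can be turned into a triage pass over a fleet inventory. The following is an added example, not code from NVIDIA, Wiz or any cited source; the host names, inventory layout and the conservative handling of pre-release builds are assumptions.

```python
import re

# Fixed releases named in the text above.
FIXED = {"container-toolkit": (1, 16, 2), "gpu-operator": (24, 6, 2)}

# Constructed sample inventory: (host, component, version, runs_untrusted_images).
INVENTORY = [
    ("gpu-node-01", "container-toolkit", "1.16.1", False),
    ("gpu-node-02", "container-toolkit", "v1.16.2", True),
    ("gpu-node-03", "gpu-operator", "v24.6.1", True),
    ("gpu-node-04", "gpu-operator", "24.6.2-rc.1", False),
    ("gpu-node-05", "container-toolkit", "unknown", True),
]

VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)(-[0-9A-Za-z.-]+)?$")


def status(component, version):
    """Classify one install as 'fixed', 'vulnerable' or 'unknown'."""
    m = VERSION_RE.match(version.strip())
    if m is None or component not in FIXED:
        return "unknown"  # cannot prove it is patched: check by hand
    base = tuple(int(m.group(i)) for i in (1, 2, 3))
    fixed = FIXED[component]
    # Assumption: a pre-release build of the fixed version is treated as
    # unpatched, because it may predate the fix.
    if base < fixed or (base == fixed and m.group(4)):
        return "vulnerable"
    return "fixed"


def triage(inventory):
    """Return hosts that still need attention, untrusted-image hosts first."""
    todo = []
    for host, component, version, untrusted in inventory:
        state = status(component, version)
        if state != "fixed":
            todo.append((host, component, version, state, untrusted))
    # Sort key: untrusted hosts first, then vulnerable before unknown, then name.
    return sorted(todo, key=lambda r: (not r[4], r[3] != "vulnerable", r[0]))


if __name__ == "__main__":
    for host, component, version, state, untrusted in triage(INVENTORY):
        tag = "untrusted images" if untrusted else "trusted images only"
        print(f"{host}: {component} {version} -> {state} ({tag})")
```

Hosts whose version string cannot be parsed are reported as "unknown" rather than skipped, so they stay on the patch list until someone confirms the installed release.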

Conclusion

This security flaw poses significant risks to AI applications on cloud and on-premises platforms, with potential impacts on sensitive data and infrastructure. Organizations are urged to update to the latest versions to mitigate the risk of exploitation. Enhanced security measures and proactive protection tools are recommended to safeguard against potential attacks in the future.

References

[1] https://techmonitor.ai/technology/cybersecurity/cybersecurity-flaw-in-nvidia-container-toolkit-affects-cloud-and-ai-systems-warns-wiz
[2] https://www.csoonline.com/article/3541912/a-critical-nvidia-container-toolkit-bug-can-allow-a-complete-host-takeover.html
[3] https://www.techradar.com/pro/security/nvidia-container-toolkit-found-to-have-worrying-security-flaws
[4] https://success.trendmicro.com/en-US/solution/KA-0017897
[5] https://dailysecurityreview.com/security-spotlight/critical-flaw-in-nvidia-container/
[6] https://www.trendmicro.com/en_in/research/24/i/nvidia-ai-container-toolkit-vulnerability-fix.html
[7] https://www.crn.com/news/ai/2024/5-things-to-know-on-critical-nvidia-ai-vulnerability
[8] https://thenimblenerd.com/article/nvidia-toolkit-security-flaw-a-container-catastrophe-waiting-to-happen/
[9] https://thehackernews.com/2024/09/critical-nvidia-container-toolkit.html
[10] https://www.infosecurity-magazine.com/news/nvidia-ai-toolkit-vulnerability/