About Remote Code Execution – NVIDIA Container Toolkit (CVE-2024-0132) vulnerability. NVIDIA’s bulletin was released on September 25. The vulnerability was found by researchers from Wiz.
Container Toolkit provides containerized AI applications with access to GPU resources. AI is now almost impossible without the use of video cards. 😏 Therefore, this component is very common.
The essence of the vulnerability is that a launched malicious container image can gain access to the host file system, which, in turn, can lead to the attacker’s code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
If an attacker gains access to a desktop in this way, it’s not so bad, but what if he gains access to Kubernetes nodes or a cluster? 🫣 AI service providers (a la Hugging Face) that launch untrusted images are at risk.
Hi! My name is Alexander and I am a Vulnerability Management specialist. You can read more about me here. Currently, the best way to follow me is my Telegram channel @avleonovcom. I update it more often than this site. If you haven’t used Telegram yet, give it a try. It’s great. You can discuss my posts or ask questions at @avleonovchat.
А всех русскоязычных я приглашаю в ещё один телеграмм канал @avleonovrus, первым делом теперь пишу туда.