NVIDIA has addressed a critical vulnerability in Container Toolkit, a library used to access NVIDIA GPU hardware, which comes pre-installed on as many as 35% of cloud environments.
The flaw, designated CVE-2024-0132, is due to insufficient isolation of the containerized GPU from the host. Specifically, certain Unix sockets remain writable, allowing direct interactions with the underlying host, including remote command execution (RCE) and data exfiltration.
Exploitation of CVE-2024-0132 can be conducted using two different methods – directly, via shared GPU resources, or indirectly, by getting the target to download a specially crafted image. However, the researchers who discovered the flaw have kept further technical details regarding its exploitation private until impacted users have adequate time to secure their systems.
NVIDIA advises impacted users to upgrade to version 1.16.2 of Container Toolkit and version 24.6.2 of GPU Operator as soon as possible to mitigate the risk CVE-2024-0132 poses.
Source: Bleeping Computer
Analysis
Any vulnerability that could allow threat actors to access the underlying host of virtual machines can have a significant impact, especially in multi-tenant environments. Once a threat actor escapes the container, they could potentially obtain access to data used by other applications or even other cloud customers.
Fortunately, CVE-2024-0132 was discovered by responsible researchers who disclosed it to NVIDIA and only released enough details regarding its exploitation to demonstrate its severity. Thus, impacted users must take advantage of this window to secure their system before further information is released that allows threat actors to begin targeting unpatched systems.
Mitigation
Field Effect’s Security Intelligence professionals constantly monitor the cyber threat landscape for vulnerabilities discovered in libraries like Container Toolkit. Field Effect MDR users were automatically notified if a vulnerable version of Container Toolkit was detected in their environment and are encouraged to review these AROs as quickly as possible via the Field Effect Portal.
Field Effect strongly recommends that impacted users update to the latest version of Container Toolkit and GPU Operator as soon as possible, in accordance with the advisory.
Related Articles
