September 27, 2024 at 02:48AM
A security flaw in NVIDIA Container Toolkit (CVE-2024-0132) allows threat actors to escape container confines and access the underlying host. The vulnerability affects NVIDIA Container Toolkit v1.16.1 and earlier, and NVIDIA GPU Operator up to 24.6.1. Addressed in versions v1.16.2 and 24.6.2, the flaw poses potential risks and requires immediate patching.
Key Takeaways from the Meeting Notes:
– A critical security flaw, tracked as CVE-2024-0132 and carrying a CVSS score of 9.0, has been disclosed in the NVIDIA Container Toolkit. This flaw allows threat actors to break out of containers and gain full access to the underlying host.
– The vulnerability has been addressed in NVIDIA Container Toolkit version v1.16.2 and NVIDIA GPU Operator version 24.6.2, with the issue affecting all versions of NVIDIA Container Toolkit up to and including v1.16.1, and Nvidia GPU Operator up to and including 24.6.1.
– Cloud security firm Wiz discovered and reported the flaw to NVIDIA on September 1, 2024, explaining that it would allow an attacker who controls the container images run by the Toolkit to perform a container escape and gain full access to the underlying host.
– The attack scenario could materialize in the form of a supply chain attack or via services that allow shared GPU resources, enabling the attacker to execute arbitrary commands on the host system with root privileges.
– The problem poses a severe risk to orchestrated, multi-tenant environments, potentially allowing an attacker to escape the container and obtain access to data and secrets of other applications running on the same node and cluster.
– To prevent exploitation efforts, technical details of the attack have been withheld at this stage. Users are highly recommended to apply the patches to safeguard against potential threats.
– The researchers emphasize the importance of prioritizing and protecting against “old-school” infrastructure vulnerabilities in the AI tech stack, in addition to futuristic AI-based attacks.
If there are any additional details needed or specific actions to be taken, please let me know.