Critical severity9.0NVD Advisory· Published Jul 17, 2025· Updated Apr 15, 2026
CVE-2025-23266
CVE-2025-23266
Description
NVIDIA Container Toolkit for all platforms contains a vulnerability in some hooks used to initialize the container, where an attacker could execute arbitrary code with elevated permissions. A successful exploit of this vulnerability might lead to escalation of privileges, data tampering, information disclosure, and denial of service.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/NVIDIA/nvidia-container-toolkitGo | < 1.17.8 | 1.17.8 |
github.com/NVIDIA/k8s-device-pluginGo | < 0.17.3 | 0.17.3 |
github.com/NVIDIA/gpu-operatorGo | < 25.3.2 | 25.3.2 |
github.com/NVIDIA/mig-partedGo | < 0.12.2 | 0.12.2 |
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
10- github.com/advisories/GHSA-vmg3-7v43-9g23ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2025-23266ghsaADVISORY
- kidbomb.github.io/posts/nvidia-container-escape-cve-2025-23266ghsaWEB
- kidbomb.github.io/posts/nvidia-container-escape-cve-2025-23266-part-2ghsaWEB
- news.ycombinator.com/itemnvdWEB
- nvidia.custhelp.com/app/answers/detail/a_id/5659nvdWEB
- pkg.go.dev/vuln/GO-2025-3992ghsaWEB
- www.wiz.io/blog/nvidia-ai-vulnerability-cve-2025-23266-nvidiascapenvdWEB
- kidbomb.github.io/posts/nvidia-container-escape-cve-2025-23266-part-2/nvd
- kidbomb.github.io/posts/nvidia-container-escape-cve-2025-23266/nvd
News mentions
0No linked articles in our index yet.