High severity8.5GHSA Advisory· Published Jul 17, 2025· Updated Apr 15, 2026
CVE-2025-23267
CVE-2025-23267
Description
NVIDIA Container Toolkit for all platforms contains a vulnerability in the update-ldcache hook, where an attacker could cause a link following by using a specially crafted container image. A successful exploit of this vulnerability might lead to data tampering and denial of service.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/NVIDIA/nvidia-container-toolkitGo | < 1.17.8 | 1.17.8 |
github.com/NVIDIA/k8s-device-pluginGo | < 0.17.3 | 0.17.3 |
github.com/NVIDIA/gpu-operatorGo | < 25.3.2 | 25.3.2 |
github.com/NVIDIA/mig-partedGo | < 0.12.2 | 0.12.2 |
Affected products
23- Range: < 0.12.2
- ghsa-coords22 versionspkg:golang/github.com/nvidia/gpu-operatorpkg:golang/github.com/nvidia/k8s-device-pluginpkg:golang/github.com/nvidia/mig-partedpkg:golang/github.com/nvidia/nvidia-container-toolkitpkg:rpm/opensuse/govulncheck-vulndb&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/govulncheck-vulndb&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/nvidia-container-toolkit&distro=openSUSE%20Leap%2015.6pkg:rpm/suse/govulncheck-vulndb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP6pkg:rpm/suse/nvidia-container-toolkit&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/nvidia-container-toolkit&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/nvidia-container-toolkit&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/nvidia-container-toolkit&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/nvidia-container-toolkit&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/nvidia-container-toolkit&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/nvidia-container-toolkit&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015%20SP6pkg:rpm/suse/nvidia-container-toolkit&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015%20SP7pkg:rpm/suse/nvidia-container-toolkit&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/nvidia-container-toolkit&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/nvidia-container-toolkit&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/nvidia-container-toolkit&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/nvidia-container-toolkit&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/nvidia-container-toolkit&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5
< 25.3.2+ 21 more
- (no CPE)range: < 25.3.2
- (no CPE)range: < 0.17.3
- (no CPE)range: < 0.12.2
- (no CPE)range: < 1.17.8
- (no CPE)range: < 0.0.20251023T162509-150000.1.110.1
- (no CPE)range: < 0.0.20251023T162509-1.1
- (no CPE)range: < 1.18.0-150200.5.17.1
- (no CPE)range: < 0.0.20251023T162509-150000.1.110.1
- (no CPE)range: < 1.18.0-150200.5.17.1
- (no CPE)range: < 1.18.0-150200.5.17.1
- (no CPE)range: < 1.18.0-150200.5.17.1
- (no CPE)range: < 1.18.0-150200.5.17.1
- (no CPE)range: < 1.18.0-150200.5.17.1
- (no CPE)range: < 1.18.0-150200.5.17.1
- (no CPE)range: < 1.18.0-150200.5.17.1
- (no CPE)range: < 1.18.0-150200.5.17.1
- (no CPE)range: < 1.18.0-150200.5.17.1
- (no CPE)range: < 1.18.0-150200.5.17.1
- (no CPE)range: < 1.18.0-150200.5.17.1
- (no CPE)range: < 1.18.0-150200.5.17.1
- (no CPE)range: < 1.18.0-150200.5.17.1
- (no CPE)range: < 1.18.0-150200.5.17.1
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.