rpm package
suse/nvidia-container-toolkit&distro=SUSE Linux Enterprise Server 15 SP3-LTSS
pkg:rpm/suse/nvidia-container-toolkit&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS
Vulnerabilities (9)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-23267 | Hig | 8.5 | < 1.18.0-150200.5.17.1 | 1.18.0-150200.5.17.1 | Jul 17, 2025 | NVIDIA Container Toolkit for all platforms contains a vulnerability in the update-ldcache hook, where an attacker could cause a link following by using a specially crafted container image. A successful exploit of this vulnerability might lead to data tampering and denial of servi | |
| CVE-2025-23266 | Cri | 9.0 | < 1.18.0-150200.5.17.1 | 1.18.0-150200.5.17.1 | Jul 17, 2025 | NVIDIA Container Toolkit for all platforms contains a vulnerability in some hooks used to initialize the container, where an attacker could execute arbitrary code with elevated permissions. A successful exploit of this vulnerability might lead to escalation of privileges, data ta | |
| CVE-2025-23359 | — | < 1.18.0-150200.5.17.1 | 1.18.0-150200.5.17.1 | Feb 12, 2025 | NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use (TOCTOU) vulnerability when used with default configuration, where a crafted container image could gain access to the host file system. A successful exploit of this vulnerability might lead to code execution, | ||
| CVE-2024-0137 | — | < 1.18.0-150200.5.17.1 | 1.18.0-150200.5.17.1 | Jan 28, 2025 | NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to untrusted code running in the host’s network namespace. This vulnerability is present only when the NVIDIA Container Toolkit is configured in a nondefault | ||
| CVE-2024-0136 | — | < 1.18.0-150200.5.17.1 | 1.18.0-150200.5.17.1 | Jan 28, 2025 | NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to untrusted code obtaining read and write access to host devices. This vulnerability is present only when the NVIDIA Container Toolkit is configured in a no | ||
| CVE-2024-0135 | — | < 1.18.0-150200.5.17.1 | 1.18.0-150200.5.17.1 | Jan 28, 2025 | NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to modification of a host binary. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, informa | ||
| CVE-2024-0134 | — | < 1.18.0-150200.5.17.1 | 1.18.0-150200.5.17.1 | Nov 5, 2024 | NVIDIA Container Toolkit and NVIDIA GPU Operator for Linux contain a UNIX vulnerability where a specially crafted container image can lead to the creation of unauthorized files on the host. The name and location of the files cannot be controlled by an attacker. A successful explo | ||
| CVE-2024-0133 | — | < 1.18.0-150200.5.17.1 | 1.18.0-150200.5.17.1 | Sep 26, 2024 | NVIDIA Container Toolkit 1.16.1 or earlier contains a vulnerability in the default mode of operation allowing a specially crafted container image to create empty files on the host file system. This does not impact use cases where CDI is used. A successful exploit of this vulnerab | ||
| CVE-2024-0132 | — | < 1.18.0-150200.5.17.1 | 1.18.0-150200.5.17.1 | Sep 26, 2024 | NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use (TOCTOU) vulnerability when used with default configuration where a specifically crafted container image may gain access to the host file system. This does not impact use cases where CDI is used. A su |
- affected < 1.18.0-150200.5.17.1fixed 1.18.0-150200.5.17.1
NVIDIA Container Toolkit for all platforms contains a vulnerability in the update-ldcache hook, where an attacker could cause a link following by using a specially crafted container image. A successful exploit of this vulnerability might lead to data tampering and denial of servi
- affected < 1.18.0-150200.5.17.1fixed 1.18.0-150200.5.17.1
NVIDIA Container Toolkit for all platforms contains a vulnerability in some hooks used to initialize the container, where an attacker could execute arbitrary code with elevated permissions. A successful exploit of this vulnerability might lead to escalation of privileges, data ta
- CVE-2025-23359Feb 12, 2025affected < 1.18.0-150200.5.17.1fixed 1.18.0-150200.5.17.1
NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use (TOCTOU) vulnerability when used with default configuration, where a crafted container image could gain access to the host file system. A successful exploit of this vulnerability might lead to code execution,
- CVE-2024-0137Jan 28, 2025affected < 1.18.0-150200.5.17.1fixed 1.18.0-150200.5.17.1
NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to untrusted code running in the host’s network namespace. This vulnerability is present only when the NVIDIA Container Toolkit is configured in a nondefault
- CVE-2024-0136Jan 28, 2025affected < 1.18.0-150200.5.17.1fixed 1.18.0-150200.5.17.1
NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to untrusted code obtaining read and write access to host devices. This vulnerability is present only when the NVIDIA Container Toolkit is configured in a no
- CVE-2024-0135Jan 28, 2025affected < 1.18.0-150200.5.17.1fixed 1.18.0-150200.5.17.1
NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to modification of a host binary. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, informa
- CVE-2024-0134Nov 5, 2024affected < 1.18.0-150200.5.17.1fixed 1.18.0-150200.5.17.1
NVIDIA Container Toolkit and NVIDIA GPU Operator for Linux contain a UNIX vulnerability where a specially crafted container image can lead to the creation of unauthorized files on the host. The name and location of the files cannot be controlled by an attacker. A successful explo
- CVE-2024-0133Sep 26, 2024affected < 1.18.0-150200.5.17.1fixed 1.18.0-150200.5.17.1
NVIDIA Container Toolkit 1.16.1 or earlier contains a vulnerability in the default mode of operation allowing a specially crafted container image to create empty files on the host file system. This does not impact use cases where CDI is used. A successful exploit of this vulnerab
- CVE-2024-0132Sep 26, 2024affected < 1.18.0-150200.5.17.1fixed 1.18.0-150200.5.17.1
NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use (TOCTOU) vulnerability when used with default configuration where a specifically crafted container image may gain access to the host file system. This does not impact use cases where CDI is used. A su