ГлавнаяУязвимости → CVE-2024-0135
7.6высокая

CVE-2024-0135

Описание

NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to modification of a host binary. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.

Затрагиваемое ПО
Nvidia Nvidia container toolkitNvidia Nvidia gpu operatorLinux Linux kernel
CVSS
Балл7.6 — высокая
ВекторCVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H
Источники
https://nvidia.custhelp.com/app/answers/detail/a_id/5599