CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-0134

NVIDIA Container Toolkit and NVIDIA GPU Operator for Linux contain a UNIX vulnerability where a specially crafted container image can lead to the creation of unauthorized files on the host. The name and location of the files cannot be controlled by an attacker. A successful exploit of this vulnerability might lead to data tampering.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 30.4%

CVSS Severity

CVSS v3 Score 4.1

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5585

Products affected by CVE-2024-0134

Nvidia » Nvidia Container Toolkit » Version: 1.16.0

cpe:2.3:a:nvidia:nvidia_container_toolkit:1.16.0
Nvidia » Nvidia Container Toolkit » Version: 1.16.1

cpe:2.3:a:nvidia:nvidia_container_toolkit:1.16.1
Nvidia » Nvidia Container Toolkit » Version: 1.16.2

cpe:2.3:a:nvidia:nvidia_container_toolkit:1.16.2
Nvidia » Nvidia Gpu Operator » Version: Any

cpe:2.3:a:nvidia:nvidia_gpu_operator:*
Linux » Linux Kernel » Version: N/A

cpe:2.3:o:linux:linux_kernel:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-0134

Products

Pricing

Contact Us