Ptechhub
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs
No Result
View All Result
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs
No Result
View All Result
PtechHub
No Result
View All Result

Incomplete Patch in NVIDIA Toolkit Leaves CVE-2024-0132 Open to Container Escapes

The Hacker News by The Hacker News
April 10, 2025
Home Cybersecurity
Share on FacebookShare on Twitter


Apr 10, 2025Ravie LakshmananContainer Security / Vulnerability

Cybersecurity researchers have detailed a case of an incomplete patch for a previously addressed security flaw impacting the NVIDIA Container Toolkit that, if successfully exploited, could put sensitive data at risk.

The original vulnerability CVE-2024-0132 (CVSS score: 9.0) is a Time-of-Check Time-of-Use (TOCTOU) vulnerability that could lead to a container escape attack and allow for unauthorized access to the underlying host.

While this flaw was resolved by NVIDIA in September 2024, a new analysis by Trend Micro has revealed the fix to be incomplete and that there also exists a related performance flaw affecting Docker on Linux that could result in a denial-of-service (DoS) condition.

Cybersecurity

“These issues could enable attackers to escape container isolation, access sensitive host resources, and cause severe operational disruptions,” Trend Micro researcher Abdelrahman Esmail said in a new report published today.

The fact that the TOCTOU vulnerability persists means that a specially crafted container could be abused to access the host file system and execute arbitrary commands with root privileges. The flaw impacts version 1.17.4 if the feature allow-cuda-compat-libs-from-container is explicitly enabled.

“The specific flaw exists within the mount_files function,” Trend Micro said. “The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the host.”

However, for this privilege escalation to work, the attacker must have already obtained the ability to execute code within a container.

The shortcoming has been assigned the CVE identifier CVE-2025-23359 (CVSS score: 9.0), which was previously flagged by cloud security firm Wiz as also a bypass for CVE-2024-0132 back in February 2025. It has been addressed in version 1.17.4.

The cybersecurity company said it also discovered a performance issue during the analysis of the CVE-2024-0132 that could potentially lead to a DoS vulnerability on the host machine. It affects Docker instances on Linux systems.

Cybersecurity

“When a new container is created with multiple mounts configured using (bind-propagation=shared), multiple parent/child paths are established. However, the associated entries are not removed in the Linux mount table after container termination,” Esmail said.

“This leads to a rapid and uncontrollable growth of the mount table, exhausting available file descriptors (fd). Eventually, Docker is unable to create new containers due to fd exhaustion. This excessively large mount table leads to a huge performance issue, preventing users from connecting to the host (i.e., via SSH).”

To mitigate the issue, it’s advised to monitor the Linux mount table for abnormal growth, limit Docker API access to authorized personnel, enforce strong access control policies, and conduct periodic audits of container-to-host filesystem bindings, volume mounts, and socket connections.

Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post.





Source link

Tags: computer securitycyber attackscyber newscyber security newscyber security news todaycyber security updatescyber updatesdata breachhacker newshacking newshow to hackinformation securitynetwork securityransomware malwaresoftware vulnerabilitythe hacker news
The Hacker News

The Hacker News

Next Post
Cineverse Acquires U.S. Rights to Lynchian Thriller The Things You Kill; Fall Theatrical Release Planned

Cineverse Acquires U.S. Rights to Lynchian Thriller The Things You Kill; Fall Theatrical Release Planned

Recommended.

5 Companies That Came To Win This Week

5 Companies That Came To Win This Week

March 6, 2026
Starkiller Phishing Suite Uses AitM Reverse Proxy to Bypass Multi-Factor Authentication

Starkiller Phishing Suite Uses AitM Reverse Proxy to Bypass Multi-Factor Authentication

March 3, 2026

Trending.

Cloud Market Share Q1 2026: AWS, Microsoft, Google Battling In AI Era

Cloud Market Share Q1 2026: AWS, Microsoft, Google Battling In AI Era

May 4, 2026
AWS Vs. Google Cloud Vs. Microsoft Azure Q1 Earnings Face-Off

AWS Vs. Google Cloud Vs. Microsoft Azure Q1 Earnings Face-Off

May 1, 2026
AWS Solution Provider Caylent Unveils Dedicated Anthropic Claude Unit

AWS Solution Provider Caylent Unveils Dedicated Anthropic Claude Unit

April 30, 2026
Google’s 0 Million Partner Fund Targets AI Agent Era Channel Paradigm Shift

Google’s $750 Million Partner Fund Targets AI Agent Era Channel Paradigm Shift

April 24, 2026
British Space Startup Launches Longevity Lab Into Orbit

British Space Startup Launches Longevity Lab Into Orbit

July 7, 2026

PTechHub

A tech news platform delivering fresh perspectives, critical insights, and in-depth reporting — beyond the buzz. We cover innovation, policy, and digital culture with clarity, independence, and a sharp editorial edge.

Follow Us

Industries

  • AI & ML
  • Cybersecurity
  • Enterprise IT
  • Finance
  • Telco

Navigation

  • About
  • Advertise
  • Privacy & Policy
  • Contact

Subscribe to Our Newsletter

  • About
  • Advertise
  • Privacy & Policy
  • Contact

Copyright © 2025 | Powered By Porpholio

No Result
View All Result
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs

Copyright © 2025 | Powered By Porpholio