Summary: NVIDIA has issued a security update to fix multiple vulnerabilities in its Container Toolkit and GPU Operator software, which could allow attackers to execute malicious code and escalate privileges. The most critical vulnerability, CVE-2024-0135, enables a specially crafted container image to alter a host binary, leading to severe security risks. Users are strongly advised to update their software to the latest versions to mitigate these risks.
Threat Actor: Unknown | unknown
Victim: NVIDIA | NVIDIA
Keypoints :
- NVIDIA has released updates for its Container Toolkit and GPU Operator to address three critical vulnerabilities.
- CVE-2024-0135 allows attackers to modify host binaries, leading to code execution and privilege escalation.
- Users are encouraged to follow the installation guidelines in the NVIDIA documentation to implement the updates and mitigate risks.
Source: https://securityonline.info/nvidia-releases-security-update-for-container-toolkit-and-gpu-operator/