CVE-2024-0137: NVIDIA Container Toolkit: Untrusted Code Running on Host Network
CVE-2024-0137
Summary
When the NVIDIA Container Toolkit is configured in a nondefault way, a specially crafted container image can cause untrusted code to run in the host's network namespace. This could lead to a denial of service or allow unauthorized access to the host. To mitigate this risk, ensure the NVIDIA Container Toolkit is configured securely and review your container setup.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions |
|---|---|---|
| nvidia | nvidia_container_toolkit | < 1.17.3 (`cpe:2.3:a:nvidia:nvidia_container_toolkit:*:*:*:*:*:*:*:*`) |
| nvidia | nvidia_gpu_operator | < 24.9.1 (`cpe:2.3:a:nvidia:nvidia_gpu_operator:*:*:*:*:*:*:*:*`) |
Original title
NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to untrusted code running in the host’s network namespace. This vulnerabil...
Original description
NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to untrusted code running in the host’s network namespace. This vulnerability is present only when the NVIDIA Container Toolkit is configured in a nondefault way. A successful exploit of this vulnerability may lead to denial of service and escalation of privileges.
nvd CVSS3.1
6.5
Vulnerability type
CWE-653
- https://nvidia.custhelp.com/app/answers/detail/a_id/5599 Mitigation Vendor Advisory
Published: 28 Jan 2025 · Updated: 15 Jun 2026 · First seen: 7 Mar 2026