CVE-2024-0135
📋 TL;DR
NVIDIA Container Toolkit has an improper isolation vulnerability where malicious container images can modify host binaries. This affects systems using NVIDIA Container Toolkit to run GPU-accelerated containers. Attackers could exploit this to compromise the host system from within a container.
💻 Affected Systems
- NVIDIA Container Toolkit
📦 What is this software?
⚠️ Risk & Real-World Impact
Worst Case
Full host compromise with code execution, privilege escalation, data theft, and denial of service through host binary modification.
Likely Case
Privilege escalation and data tampering within affected container environments, potentially leading to lateral movement.
If Mitigated
Limited impact with proper container security controls, network segmentation, and least privilege principles.
🎯 Exploit Status
Requires the ability to run, or supply, a container image on the host; no further authentication is needed once container execution is possible.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Latest version from NVIDIA's repositories
Vendor Advisory: https://nvidia.custhelp.com/app/answers/detail/a_id/5599
Restart Required: No
Instructions:
1. Update NVIDIA Container Toolkit using your package manager.
2. For Ubuntu/Debian: sudo apt update && sudo apt install nvidia-container-toolkit
3. For RHEL/CentOS: sudo yum update nvidia-container-toolkit
4. Verify the installation with nvidia-ctk --version
🔧 Temporary Workarounds
Disable NVIDIA Container Toolkit
Temporarily disable GPU acceleration for containers until patching is possible:
sudo systemctl stop nvidia-container-toolkit
sudo systemctl disable nvidia-container-toolkit
Restrict container image sources
Only allow trusted container registries and enforce image signing.
🧯 If You Can't Patch
- Implement strict container image policies allowing only signed images from trusted sources
- Apply network segmentation to isolate container environments and limit lateral movement potential
🔍 How to Verify
Check if Vulnerable:
Check whether NVIDIA Container Toolkit is installed and compare its version against the patched release.
Check Version:
nvidia-ctk --version
Verify Fix Applied:
Verify that the installed nvidia-container-toolkit package version matches the latest release from NVIDIA's repositories.
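As an added example (not code from the advisory or from NVIDIA), a POSIX shell check that parses the output of nvidia-ctk --version and compares the installed version, component by component, against the patched release. The patched version number is a placeholder to be filled in from the vendor advisory above; the assumed output format of nvidia-ctk --version and the sample version strings are constructed.

```shell
#!/bin/sh
# Added example, not from the advisory: is the installed NVIDIA Container Toolkit
# at or above the patched release? PATCHED_VERSION is a placeholder; take the real
# value from the vendor advisory (https://nvidia.custhelp.com/app/answers/detail/a_id/5599).
PATCHED_VERSION="${PATCHED_VERSION:-0.0.0}"

# extract_version TEXT: print the first dotted numeric version found in TEXT.
# Assumes `nvidia-ctk --version` prints a line such as "... CLI version 1.17.3".
extract_version() {
  printf '%s\n' "$1" | grep -oE '[0-9]+(\.[0-9]+)+' | head -n 1
}

# version_ge A B: succeed if dotted version A >= B, comparing component by
# component so that 1.17.10 ranks above 1.17.3 (string comparison gets this wrong).
version_ge() {
  a=$1; b=$2
  while [ -n "$a" ] || [ -n "$b" ]; do
    x=${a%%.*}; y=${b%%.*}           # leading component of each side
    [ "${x:-0}" -gt "${y:-0}" ] && return 0
    [ "${x:-0}" -lt "${y:-0}" ] && return 1
    case $a in *.*) a=${a#*.} ;; *) a= ;; esac   # drop the compared component
    case $b in *.*) b=${b#*.} ;; *) b= ;; esac
  done
  return 0
}

# classify OUTPUT [PATCHED]: print "patched", "vulnerable" or "unknown" for the
# text OUTPUT produced by `nvidia-ctk --version`.
classify() {
  v=$(extract_version "$1")
  want=${2:-$PATCHED_VERSION}
  if [ -z "$v" ]; then
    echo unknown                     # CLI missing or output not recognised
  elif version_ge "$v" "$want"; then
    echo patched
  else
    echo vulnerable
  fi
}

# Live check, only when the toolkit CLI is actually present on this host.
if command -v nvidia-ctk >/dev/null 2>&1; then
  out=$(nvidia-ctk --version 2>&1 || true)
  echo "nvidia-container-toolkit $(extract_version "$out"): $(classify "$out")"
fi
```

Run it with PATCHED_VERSION set to the release named in the advisory; "unknown" means the CLI is absent or its output was not recognised, so the host should be checked by hand.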
📡 Detection & Monitoring
Log Indicators:
- Unexpected modifications to host binaries from container processes
- Container escape attempts in system logs
Network Indicators:
- Suspicious container image pulls from untrusted sources
- Unexpected outbound connections from container hosts
SIEM Query:
(source="docker" OR source="containerd") AND (event="binary_modification" OR event="privilege_escalation")