CVE-2024-0137
📋 TL;DR
NVIDIA Container Toolkit contains an improper isolation vulnerability: a specially crafted container image can get untrusted code running in the host's network namespace instead of the container's own. The flaw is only reachable when the toolkit is configured in a non-default way, so hosts on the stock configuration are not affected. Organizations that have customised the toolkit configuration and run images from sources they do not fully control are at risk.
💻 Affected Systems
- NVIDIA Container Toolkit (Linux), including installations deployed through NVIDIA GPU Operator on Kubernetes
📦 What is this software?
NVIDIA Container Toolkit is the component that lets Docker, containerd, CRI-O and similar runtimes start GPU-accelerated containers: at container start it injects the NVIDIA driver libraries and GPU device nodes into the container, so its configuration directly determines how much of the host a container can see.
⚠️ Risk & Real-World Impact
Worst Case
Escalation of privileges on the host. Code running in the host network namespace can reach services bound to the host's loopback and other interfaces that are normally invisible from inside a container, and that foothold can be chained into control of the host and of the other containers running on it.
Likely Case
Arbitrary code running in the host network namespace, giving denial of service against the host's networking and lateral movement to other workloads in the container environment.
If Mitigated
On the default configuration the vulnerability is not reachable. Where a custom configuration is in use, network segmentation and container security policies (no privileged containers, no host networking for untrusted workloads) limit what an escaped process can reach.
🎯 Exploit Status
Exploitation needs two things: the toolkit must be in the affected non-default configuration, and the attacker must be able to get a specially crafted container image run on the host (for example by publishing an image that the victim pulls and starts).
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: NVIDIA Container Toolkit 1.17.4 (NVIDIA GPU Operator 24.9.2); confirm against the advisory for your install channel
Vendor Advisory: https://nvidia.custhelp.com/app/answers/detail/a_id/5599
Restart Required: Yes
Instructions:
1. Read the NVIDIA advisory and identify the patched version for your install channel (distribution package or GPU Operator chart)
2. Update the nvidia-container-toolkit package through your package manager (apt or dnf/yum), or upgrade the GPU Operator
3. Restart the container runtime (Docker, containerd or CRI-O) so the updated hook and CLI are picked up
4. Compare /etc/nvidia-container-runtime/config.toml against the toolkit defaults and remove any customisation you cannot justify
🔧 Temporary Workarounds
Revert to default configuration
Put the toolkit back on its default settings: the configuration lives in /etc/nvidia-container-runtime/config.toml, and the advisory states the flaw is only reachable with non-default settings. Review every customisation in that file and remove it unless you can justify it.
Implement container security policies
Use Pod Security Admission (or Pod Security Policies on older clusters) and the equivalent runtime-level policy to block privileged containers and hostNetwork: true for untrusted workloads, so that a process which does escape the container's network namespace has less to reach.
🧯 If You Can't Patch
- Keep the NVIDIA Container Toolkit on its default configuration (/etc/nvidia-container-runtime/config.toml) until you can patch
- Run only images from registries you control; enforce image signing or admission policies and scan images before they are admitted, since the attack is delivered through a crafted image
🔍 How to Verify
Check if Vulnerable:
Check the installed NVIDIA Container Toolkit version against the patched version in the advisory, then check whether /etc/nvidia-container-runtime/config.toml departs from the toolkit defaults; only a non-default configuration is affected.
Check Version:
nvidia-ctk --version
dpkg -l nvidia-container-toolkit   (Debian/Ubuntu)
rpm -q nvidia-container-toolkit    (RHEL/SUSE)
Verify Fix Applied:
Confirm the reported version is at or above the patched version from the advisory, that the container runtime was restarted after the update, and that config.toml matches the toolkit defaults (or that every difference is documented and justified).
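The version and configuration checks above, and the fix steps in the Official Fix section, as one script. This is an added example written for this page, not NVIDIA's code. It assumes, beyond what the page states, that the patched release is 1.17.4 as listed in the advisory, that `nvidia-ctk --version` prints a line containing "version X.Y.Z", and that `nvidia-ctk config default` prints the toolkit's built-in default configuration.

```shell
#!/bin/sh
# Added example for this page; not NVIDIA's code. Checks the installed toolkit
# against the patched release and diffs the live runtime config against the
# toolkit defaults. Assumptions (not from the page): patched version is 1.17.4
# per the advisory; `nvidia-ctk --version` prints "... version X.Y.Z";
# `nvidia-ctk config default` prints the built-in default config.

PATCHED_VERSION="1.17.4"
CONFIG_FILE="/etc/nvidia-container-runtime/config.toml"

# ver_ge A B: exit 0 if dotted version A >= B, 1 otherwise (numeric per field).
ver_ge() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        n = split(a, x, "."); m = split(b, y, ".")
        len = (n > m) ? n : m
        for (i = 1; i <= len; i++) {
            xi = (i <= n) ? x[i] + 0 : 0
            yi = (i <= m) ? y[i] + 0 : 0
            if (xi > yi) exit 0
            if (xi < yi) exit 1
        }
        exit 0
    }'
}

# is_patched VERSION: drop a leading "v" and packaging suffixes ("1.17.3-1"),
# then compare with PATCHED_VERSION. Exit 0 = patched, 1 = vulnerable.
is_patched() {
    v=$(printf '%s' "$1" | sed 's/^v//; s/[-~+].*//')
    ver_ge "$v" "$PATCHED_VERSION"
}

# Best-effort version discovery: the toolkit CLI first, then the package DB.
installed_version() {
    if command -v nvidia-ctk >/dev/null 2>&1; then
        nvidia-ctk --version 2>/dev/null | sed -n 's/.*version \([0-9][0-9.]*\).*/\1/p' | head -n 1
    elif command -v dpkg-query >/dev/null 2>&1; then
        dpkg-query -W -f='${Version}' nvidia-container-toolkit 2>/dev/null
    elif command -v rpm >/dev/null 2>&1; then
        # rpm -q prints "not installed" on stdout, so guard with a silent query first
        rpm -q nvidia-container-toolkit >/dev/null 2>&1 && rpm -q --qf '%{VERSION}' nvidia-container-toolkit
    fi
}

# config_drift: unified diff of the live config against the toolkit defaults.
# Exit 0 = identical, 1 = differs (diff printed), 2 = cannot check.
config_drift() {
    command -v nvidia-ctk >/dev/null 2>&1 && [ -r "$CONFIG_FILE" ] || return 2
    nvidia-ctk config default 2>/dev/null | diff -u - "$CONFIG_FILE"
}

main() {
    v=$(installed_version)
    if [ -z "$v" ]; then
        echo "nvidia-container-toolkit not installed; not affected"
        return 0
    fi
    if is_patched "$v"; then
        echo "toolkit $v is at or above $PATCHED_VERSION: patched"
        status=0
    else
        echo "toolkit $v is below $PATCHED_VERSION: VULNERABLE, update"
        status=1
    fi
    config_drift
    case $? in
        0) echo "config matches toolkit defaults" ;;
        1) echo "config deviates from defaults (see diff above): review before running untrusted images" ;;
        *) echo "could not compare config; inspect $CONFIG_FILE manually" ;;
    esac
    return $status
}

main "$@"
```

Run it as root on each GPU node; exit status 1 means the toolkit is below the patched version. A diff that only touches comments is harmless, but any changed key is a candidate for the non-default configuration the advisory describes and should be justified or removed before the host runs images from outside your control.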
📡 Detection & Monitoring
Log Indicators:
- Container processes whose network namespace is the host's although the container was not started with host networking
- Containers reaching host-only services (loopback-bound daemons, the node's management or metadata endpoints)
Network Indicators:
- Containers communicating with endpoints their network policy should not allow
- Connections on host interfaces that originate from container processes
SIEM Query (illustrative; the field names are placeholders to map onto your own schema):
container.runtime=nvidia AND (event.action=network_namespace_access OR event.action=privilege_escalation)
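A host-side check for the first log indicator above: rather than waiting for a runtime event, compare each container's network namespace with the host's directly. This is an added example written for this page, not NVIDIA's code or a detection shipped with the toolkit. It assumes a Linux host with readable /proc/<pid>/ns/net links (run it as root) and Docker as the runtime for the container walk; the namespace comparison itself is runtime-independent.

```shell
#!/bin/sh
# Added example for this page; not NVIDIA's code. Flags container processes
# that live in the host's network namespace, which is the condition a crafted
# image reaches through this CVE. Assumptions: Linux /proc, readable
# /proc/<pid>/ns/net (root), Docker for the container walk.

# netns_of PID: print the namespace identity of PID, e.g. "net:[4026531840]".
# Two processes print the same value exactly when they share a network namespace.
netns_of() {
    readlink "/proc/$1/ns/net" 2>/dev/null
}

# same_netns PID_A PID_B: exit 0 if both share a network namespace,
# 1 if they differ, 2 if either cannot be inspected (gone or no permission).
same_netns() {
    a=$(netns_of "$1"); b=$(netns_of "$2")
    [ -n "$a" ] && [ -n "$b" ] || return 2
    [ "$a" = "$b" ]
}

# in_host_netns PID: the host namespace is taken to be that of PID 1.
in_host_netns() {
    same_netns 1 "$1"
}

# Walk running Docker containers. A container whose init process shares the
# host netns is expected only when it was started with --network host;
# any other case is the signal to alert on.
scan_docker_containers() {
    command -v docker >/dev/null 2>&1 || { echo "docker not found; nothing to scan"; return 0; }
    docker ps -q 2>/dev/null | while read -r id; do
        pid=$(docker inspect -f '{{.State.Pid}}' "$id" 2>/dev/null)
        mode=$(docker inspect -f '{{.HostConfig.NetworkMode}}' "$id" 2>/dev/null)
        [ -n "$pid" ] || continue
        in_host_netns "$pid"
        case $? in
            0) if [ "$mode" = "host" ]; then
                   echo "info: container=$id pid=$pid declared host networking"
               else
                   echo "ALERT: container=$id pid=$pid network_mode=$mode is in the host netns"
               fi ;;
            1) echo "ok: container=$id pid=$pid isolated ($(netns_of "$pid"))" ;;
            *) echo "skip: container=$id pid=$pid not inspectable (run as root)" ;;
        esac
    done
}

scan_docker_containers
```

Schedule it from cron or a node agent and ship the ALERT lines to your SIEM; the declared/undeclared split is what separates a legitimately host-networked pod from a container that ended up in the host namespace without asking for it. For containerd or CRI-O, obtain the container PID from `crictl inspect` instead of `docker inspect` and feed it to in_host_netns unchanged.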