CVE-2024-0132: A ticking bomb in your IT infrastructure

The TOCTOU mechanism has become the Achilles heel of NVIDIA products.

A critical vulnerability was recently discovered in NVIDIA's Container Toolkit that could allow attackers to extend beyond the container and gain full access to the host system. The vulnerability has been assigned the identifier CVE-2024-0132 and a CVSS rating of 9.0 out of 10.

The issue affects all versions of NVIDIA Container Toolkit up to v1.16.1 and NVIDIA GPU Operator up to version 24.6.1. The cause of the vulnerability was the Time-of-Check Time-of-Use (TOCTOU) mechanism.

When using the tool with default settings, a specially crafted container image can access the host file system. Successful exploitation of the vulnerability could lead to arbitrary code execution, denial of service, privilege escalation, information disclosure, and data modification. This issue does not affect cases where the Container Device Interface (CDI) is used.

Wiz, which discovered the vulnerability, notified NVIDIA on September 1 of this year. According to the researchers, the attack is possible if the attacker has control over the container images launched through the Toolkit. A potential attacker can then perform a so-called "container escape" and gain access to the host system.

A possible attack scenario involves the creation of a malicious container image. If this image is run on the target platform directly or through services that allow GPU sharing, an attacker can gain full access to the host's file system, allowing them to attack the supply chain or exploit shared services.

With access to the Container Runtime sockets (docker.sock/containerd.sock), an attacker will be able to execute arbitrary commands on the host system with root privileges, effectively gaining full control of the device.

This vulnerability is particularly dangerous for orchestrated multi-tenant environments, where an attacker can go beyond the container and gain access to the data and secrets of other applications running on the same node or cluster.

The vulnerability has been fixed in NVIDIA Container Toolkit v1.16.2 and NVIDIA GPU Operator v24.6.2. In order to prevent exploitation, the technical details of the attack have not yet been disclosed. Users are urged to apply the available updates as soon as possible.
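As an added example (not part of the original post or of NVIDIA's tooling), here is a small triage script that takes the version facts from the advisory summary above and flags which hosts still need the update; the product names, hostnames and version strings in the sample inventory are constructed, and the CDI flag simply records the post's statement that CDI mode is not affected.

```python
import re
from dataclasses import dataclass

# First fixed release per product, as stated in the advisory summary:
# Container Toolkit <= 1.16.1 and GPU Operator <= 24.6.1 are affected.
FIRST_FIXED = {
    "nvidia-container-toolkit": "1.16.2",
    "gpu-operator": "24.6.2",
}

_VERSION_RE = re.compile(r"v?(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.]+))?$")

def parse_version(text):
    """Parse 'v1.16.1', '1.16.2-rc.1' or '... version 1.16.1' into a sortable tuple.
    Pre-releases sort before the final release (1.16.2-rc.1 < 1.16.2)."""
    m = _VERSION_RE.search(text.strip())
    if not m:
        raise ValueError(f"no version found in {text!r}")
    major, minor, patch = (int(m.group(i)) for i in (1, 2, 3))
    pre = m.group(4)
    return (major, minor, patch, 0 if pre else 1, pre or "")

def is_unpatched(product, version_text):
    """True when the installed version is older than the first fixed release."""
    return parse_version(version_text) < parse_version(FIRST_FIXED[product])

@dataclass
class Finding:
    host: str
    product: str
    version: str
    vulnerable: bool   # unpatched AND running in the affected (non-CDI) mode
    note: str

def triage(inventory):
    """inventory: iterable of (host, product, version_string, uses_cdi)."""
    findings = []
    for host, product, version_text, uses_cdi in inventory:
        unpatched = is_unpatched(product, version_text)
        if not unpatched:
            note = "patched"
        elif uses_cdi:
            note = "unpatched; CDI mode is not affected per advisory, still update"
        else:
            note = f"update to {FIRST_FIXED[product]} or later"
        findings.append(Finding(host, product, version_text, unpatched and not uses_cdi, note))
    return findings

if __name__ == "__main__":
    sample = [  # constructed inventory; hostnames and versions are illustrative
        ("gpu-node-01", "nvidia-container-toolkit", "v1.16.1", False),
        ("gpu-node-02", "nvidia-container-toolkit", "1.16.2", False),
        ("gpu-node-03", "nvidia-container-toolkit", "1.16.2-rc.1", True),
        ("k8s-cluster-a", "gpu-operator", "v24.6.1", False),
    ]
    for f in triage(sample):
        print(f"{f.host:14} {f.product:25} {f.version:12} vulnerable={f.vulnerable} ({f.note})")
```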
