Sunday, October 13, 2024
HomeCyber SecurityEssential NVIDIA Container Toolkit Vulnerability Might Grant Full Host Entry to Attackers

Essential NVIDIA Container Toolkit Vulnerability Might Grant Full Host Entry to Attackers


Sep 27, 2024Ravie LakshmananContainer Safety / Cloud Computing

Essential NVIDIA Container Toolkit Vulnerability Might Grant Full Host Entry to Attackers

A vital safety flaw has been disclosed within the NVIDIA Container Toolkit that, if efficiently exploited, might permit menace actors to interrupt out of the confines of a container and achieve full entry to the underlying host.

The vulnerability, tracked as CVE-2024-0132, carries a CVSS rating of 9.0 out of a most of 10.0. It has been addressed in NVIDIA Container Toolkit model v1.16.2 and NVIDIA GPU Operator model 24.6.2.

“NVIDIA Container Toolkit 1.16.1 or earlier accommodates a Time-of-Test Time-of-Use (TOCTOU) vulnerability when used with default configuration the place a particularly crafted container picture might achieve entry to the host file system,” NVIDIA mentioned in an advisory.

Cybersecurity

“A profitable exploit of this vulnerability might result in code execution, denial of service, escalation of privileges, info disclosure, and information tampering.”

The difficulty impacts all variations of NVIDIA Container Toolkit as much as and together with v1.16.1, and Nvidia GPU Operator as much as and together with 24.6.1. Nonetheless, it doesn’t have an effect on use circumstances the place Container Machine Interface (CDI) is used.

Cloud safety agency Wiz, which found and reported the flaw to NVIDIA on September 1, 2024, mentioned it might permit an attacker who controls the container photos run by the Toolkit to carry out a container escape and achieve full entry to the underlying host.

In an hypothetical assault state of affairs, a menace actor might weaponize the shortcoming by making a rogue container picture that, when run on the goal platform both immediately or not directly, grants them full entry to the file system.

This might materialize within the type of a provide chain assault the place the sufferer is tricked into operating the malicious picture, or, alternatively, by way of providers that permit shared GPU assets.

“With this entry, the attacker can now attain the Container Runtime Unix sockets (docker.sock/containerd.sock),” safety researchers Shir Tamari, Ronen Shustin, and Andres Riancho mentioned.

“These sockets can be utilized to execute arbitrary instructions on the host system with root privileges, successfully taking management of the machine.”

Cybersecurity

The issue poses a extreme danger to orchestrated, multi-tenant environments, because it might allow an attacker to flee the container and procure entry to information and secrets and techniques of different purposes operating on the identical node, and even the identical cluster.

Technical elements of the assault have been withheld at this stage to forestall exploitation efforts. It is extremely really useful that customers take steps to use the patches to safeguard towards potential threats.

“Whereas the hype regarding AI safety dangers tends to concentrate on futuristic AI-based assaults, ‘old-school’ infrastructure vulnerabilities within the ever-growing AI tech stack stay the quick danger that safety groups ought to prioritize and shield towards,” the researchers mentioned.

Discovered this text attention-grabbing? Observe us on Twitter and LinkedIn to learn extra unique content material we submit.



RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Most Popular

Recent Comments