A critical #vulnerability in the #Nvidia Container Toolkit, tracked as CVE-2024-0132 , poses a significant risk to #AI爆发 applications using this toolkit for #GPU access. This flaw allows adversaries to perform container escape attacks, gaining full control of the host system, which could lead to command execution and data exfiltration. The issue affects versions 1.16.1 and earlier of the NVIDIA Container Toolkit and 24.6.1 and earlier of the GPU Operator.

The vulnerability stems from inadequate isolation between the containerized GPU and the host, enabling containers to access sensitive parts of the host filesystem and writable Unix sockets. This security risk is prevalent in over 35% of cloud environments, particularly as many AI platforms come pre-installed with the affected library.

Wiz Research reported the issue to NVIDIA on September 1st, and NVIDIA acknowledged it shortly after, releasing a fix on September 26th. Users are advised to upgrade to version 1.16.2 of the NVIDIA Container Toolkit and 24.6.2 of the GPU Operator. Technical details for exploiting this vulnerability will be released later to allow organizations time to mitigate the issue by Bill Toulas