Skip to content

CVE-2024-0132: Time-of-check Time-of-Use Vulnerability in NVIDIA Container Toolkit 1.16.1 or earlier #4587

New issue
Jump to bottom
New issue
Jump to bottom
Open
Open
CVE-2024-0132: Time-of-check Time-of-Use Vulnerability in NVIDIA Container Toolkit 1.16.1 or earlier#4587
Assignees
sdesai345
Labels
announcementbugsecurity
@sdesai345

Description

@sdesai345
sdesai345
opened on Oct 11, 2024

It was discovered that the NVIDIA Container Toolkit version 1.16.1 or earlier contains a vulnerability when used with the default configuration, such that a hacker can create a specifically crafted container image to gain to access to the host file system.

Learn more: https://nvd.nist.gov/vuln/detail/CVE-2024-0132

AKS Information

Upgrade your Ubuntu node image to version 202410.09.0, which is finalizing the global rollout to all Azure regions around 10/25/2024.

Upgrade your Azure Linux node image to version 202410.15.0, which will finalize the global rollout to all Azure regions around 11/1/2024.

Windows is not vulnerable to this specific CVE.

Activity

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Assignees

Labels

announcementbugsecurity

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions