CVE-2024-0135

Published Jan 28, 2025

Last updated a month ago

CVSS high 7.6

Overview

Description
NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to modification of a host binary. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
Source
psirt@nvidia.com
NVD status
Received

Risk scores

CVSS 3.1

Type
Secondary
Base score
7.6
Impact score
6
Exploitability score
1
Vector string
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H
Severity
HIGH

Weaknesses

psirt@nvidia.com
CWE-653

Social media

Hype score
Not currently trending

  1. CVE-2024-0135 NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to modification of a host binary. A successfu… https://t.co/KhdKPin2r5

    @CVEnew

    28 Jan 2025

    39 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. NVIDIA Container Toolkit/GPU Operator の脆弱性 CVE-2024-0135/0136/0137 が FIX:直ちにパッチを! https://t.co/CgYYRwyacj NVIDIA Container Toolkit/GPU Operator に存在する、3件の脆弱性が FIX しました。また、コンフィグによる緩和策も提供されていますので、ご確認ください。… https://t.co/SuKURNUKDs

    @iototsecnews

    27 Jan 2025

    23 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. CVE-2024-0135 Get Conversion Status GET /api/v1/status/{job_id} ### Video Search API ```bash # Search Video Content POST /api/v1/search Content-Type https://t.co/5IJjSCPQnj

    @VulmonFeeds

    20 Jan 2025

    99 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  4. Attention, developers & IT pros! 🚨 @nvidia just dropped a critical security update for its Container Toolkit and GPU Operator—and it’s a BIG deal. Here's why you NEED to act now: 1️⃣ A vulnerability (CVE-2024-0135) could allow attackers to MODIFY host binaries from a

    @abdussaboor_com

    19 Jan 2025

    35 Impressions

    1 Retweet

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. NVIDIA has released a security update for its Container Toolkit and GPU Operator to address critical vulnerabilities, including CVE-2024-0135, allowing harmful code execution. 🛡️💻 #NVIDIA #TechUpdate #USA #CybersecurityNews link: https://t.co/e2g756a4b9 https://t.co/Ihj1v9NON9

    @TweetThreatNews

    18 Jan 2025

    48 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  6. 2/9 @nvidia fixed three Linux tool flaws (CVE-2024-0135, CVE-2024-0136, CVE-2024-0137) that could lead to code execution & data tampering. Update to versions 1.17.1 & 24.9.1! #NvidiaSecurity #LinuxVulnerabilities

    @Eth1calHackrZ

    18 Jan 2025

    11 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. 🚨 Critical Security Updates Released 🚨 NVIDIA, Zoom, and Zyxel have patched high-severity vulnerabilities: 🔐 NVIDIA: CVE-2024-0135 and CVE-2024-0136, affecting Container Toolkit and GPU Operator for Linux. 🎥 Zoom: CVE-2025-0147, privilege escalation risk in Workplace app… h

    @arunpratap786

    16 Jan 2025

    32 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References