- Description
- NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use (TOCTOU) vulnerability when used with default configuration, where a crafted container image could gain access to the host file system. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
- Source
- psirt@nvidia.com
- NVD status
- Received
CVSS 3.1
- Type
- Secondary
- Base score
- 8.3
- Impact score
- 6
- Exploitability score
- 1.6
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
- Severity
- HIGH
- psirt@nvidia.com
- CWE-367
- Hype score
- Not currently trending
⚠️ Vulnerability Alert: NVIDIA Container Toolkit mount_files Time-Of-Check Time-Of-Use Race Condition Privilege Escalation Vulnerability 📅 Timeline: Disclosure: 2025-02-04, Patch: 2025-02-11 🆔cveId: CVE-2025-23359 📊baseScore: 8.3 📏cvssMetrics:… https://t.co/1JyI5HHYhz
@syedaquib77
19 Feb 2025
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
“NVIDIA” məhsullarında boşluq (CVE-2025-23359) aşkar olunub #ETX #certaz #cybersecurity #kibertəhlükəsizlik #xəbərdarlıq https://t.co/xGGHljAqhp
@CERTAzerbaijan
18 Feb 2025
45 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ นักวิจัยพบ #Exploit ใหม่ บน #NVIDIA Container Toolkit (CVE-2025-23359) ที่สามารถ Bypass Isolation และเข้าถึง host system ได้โดยตรง เสี่ยงต่อ AI และ HPC workloads อัปเดตระบบของคุณด่วน! อ่านรายละเอียด: https://t.co/sFbXsM7Sk4 #Cybersecurity . Credit - https://t.co/37qgHM73Hx .
@commencenow
17 Feb 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
엔비디아(Nvidia) GPU 도구 최고 등급 취약점 발견(CVE-2025-23359) https://t.co/u5jHPAEVl4 #Nvidia #엔비디아 #취약점
@sakaijjang
16 Feb 2025
16 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
CVE-2025-23359: Nvidia-container-toolkit: GPU Container Escape (CVE-2024-0132 fix bypass) https://t.co/nZmShQehjW libnvidia-container mount is susceptible to symlink attacks, which can lead to arbitrary host directories being mounted
@oss_security
15 Feb 2025
454 Impressions
0 Retweets
3 Likes
1 Bookmark
0 Replies
0 Quotes
⚠️ Vulnerability Alert: NVIDIA Container Toolkit Vulnerable to Code Execution Attacks 📅 Timeline: Disclosure: 2025-02-11, Patch: 2025-02-12 📌 Attribution: Wiz Research 🆔cveId: CVE-2025-23359 📊baseScore: 8.3 📏cvssMetrics: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvssSeverity:…
@syedaquib77
14 Feb 2025
17 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-23359: Nvidia-container-toolkit: GPU Container Escape (CVE-2024-0132 fix bypass) https://t.co/QBTOa3nWto
@andersonc0d3
14 Feb 2025
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 A critical vulnerability (CVE-2025-23359) in NVIDIA's Container Toolkit could allow attackers to escape container isolation and access the host’s entire file system. With a CVSS score of 8.3, this flaw underscores the importance of staying updated! 🌐🔒 #CyberSecurity
@eilonh1
12 Feb 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
CVE-2025-23359 NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use (TOCTOU) vulnerability when used with default configuration, where a crafted container image c… https://t.co/ry48pNLUSZ
@CVEnew
12 Feb 2025
324 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes