Hackers Could Exploit NVIDIA GPU Toolkit Flaw to Hijack Host Systems

A newly discovered vulnerability in the NVIDIA Container Toolkit impacts all AI applications utilizing it to access GPU resources, affecting both cloud and on-premise environments.

CVE-2024-0132: Threat to Cloud and AI Platforms

The flaw, tracked as CVE-2024-0132, allows attackers to escape from containers and gain full control over the host system, enabling the execution of commands or exfiltration of sensitive data. This toolkit is widely used in AI-focused platforms and comes pre-installed on many virtual machine images that rely on NVIDIA hardware.

According to Wiz Research, 35% of cloud environments could be at risk of attacks exploiting this vulnerability.

Project popularity on GitHub
Source: Wiz

Discover your weakest link. Be proactive, not reactive. Cybercriminals need just one flaw to strike.

Container Escape Flaw

The vulnerability has been assigned a critical-severity score of 9.0. It affects NVIDIA Container Toolkit 1.16.1 and earlier versions, as well as GPU Operator 24.6.1 and older.

This flaw arises from the lack of secure isolation between the GPU and the host system, enabling attackers to mount sensitive parts of the host filesystem or access runtime resources such as Unix sockets.

While most filesystems are mounted with read-only permissions, writable Unix sockets like ‘docker.sock’ and ‘containerd.sock’ remain accessible, allowing attackers to execute commands on the host.

An attacker could exploit this flaw using a malicious container image and gain control over the host, either by sharing GPU resources or running a compromised image.

Are u a security researcher? Or a company that writes articles about Cyber Security, Offensive Security (related to information security in general) that match with our specific audience and is worth sharing? If you want to express your idea in an article contact us here for a quote: [email protected]

Source: bleepingcomputer.com

Source Link