{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-0137", "assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6", "state": "PUBLISHED", "assignerShortName": "nvidia", "dateReserved": "2023-12-02T00:42:48.032Z", "datePublished": "2025-01-28T03:10:36.813Z", "dateUpdated": "2025-01-28T15:15:38.917Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["Linux"], "product": "NVIDIA Container Toolkit", "vendor": "NVIDIA", "versions": [{"status": "affected", "version": "All versions up to and including v1.17.0"}]}, {"defaultStatus": "unaffected", "platforms": ["Linux"], "product": "NVIDIA GPU Operator", "vendor": "NVIDIA", "versions": [{"status": "affected", "version": "All versions up to and including 24.9.0"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">\n\n<span style=\"background-color: rgb(255, 255, 255);\">\n\n<span style=\"background-color: rgb(255, 255, 255);\">NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to untrusted code running in the host\u2019s network namespace. This vulnerability is present only when the NVIDIA Container Toolkit is configured in a nondefault way. A successful exploit of this vulnerability may lead to denial of service and escalation of privileges.</span>\n\n</span>\n\n</span>"}], "value": "NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to untrusted code running in the host\u2019s network namespace. This vulnerability is present only when the NVIDIA Container Toolkit is configured in a nondefault way. A successful exploit of this vulnerability may lead to denial of service and escalation of privileges."}], "impacts": [{"descriptions": [{"lang": "en", "value": "Denial of service, escalation of privileges"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-653", "description": "CWE-653", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6", "shortName": "nvidia", "dateUpdated": "2025-01-28T03:10:36.813Z"}, "references": [{"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5599"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-01-28T14:53:20.208800Z", "id": "CVE-2024-0137", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-28T15:15:38.917Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-0137", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-01-28T14:53:20.208800Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-28T14:46:53.850Z"}}], "cna": {"source": {"discovery": "UNKNOWN"}, "impacts": [{"descriptions": [{"lang": "en", "value": "Denial of service, escalation of privileges"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "NVIDIA", "product": "NVIDIA Container Toolkit", "versions": [{"status": "affected", "version": "All versions up to and including v1.17.0"}], "platforms": ["Linux"], "defaultStatus": "unaffected"}, {"vendor": "NVIDIA", "product": "NVIDIA GPU Operator", "versions": [{"status": "affected", "version": "All versions up to and including 24.9.0"}], "platforms": ["Linux"], "defaultStatus": "unaffected"}], "references": [{"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5599"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to untrusted code running in the host\u2019s network namespace. This vulnerability is present only when the NVIDIA Container Toolkit is configured in a nondefault way. A successful exploit of this vulnerability may lead to denial of service and escalation of privileges.", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">\n\n<span style=\"background-color: rgb(255, 255, 255);\">\n\n<span style=\"background-color: rgb(255, 255, 255);\">NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to untrusted code running in the host\u2019s network namespace. This vulnerability is present only when the NVIDIA Container Toolkit is configured in a nondefault way. A successful exploit of this vulnerability may lead to denial of service and escalation of privileges.</span>\n\n</span>\n\n</span>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-653", "description": "CWE-653"}]}], "providerMetadata": {"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6", "shortName": "nvidia", "dateUpdated": "2025-01-28T03:10:36.813Z"}}}, "cveMetadata": {"cveId": "CVE-2024-0137", "state": "PUBLISHED", "dateUpdated": "2025-01-28T15:15:38.917Z", "dateReserved": "2023-12-02T00:42:48.032Z", "assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6", "datePublished": "2025-01-28T03:10:36.813Z", "assignerShortName": "nvidia"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:nvidia:nvidia_container_toolkit:*:*:*:*:*:*:*:*", "matchCriteriaId": "80E54D22-0E59-4CE5-827F-4E9CF632E2F2", "versionEndExcluding": "1.17.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:nvidia:nvidia_gpu_operator:*:*:*:*:*:*:*:*", "matchCriteriaId": "182A2529-0B26-4CD2-A869-72296F440DDF", "versionEndExcluding": "24.9.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to untrusted code running in the host\u2019s network namespace. This vulnerability is present only when the NVIDIA Container Toolkit is configured in a nondefault way. A successful exploit of this vulnerability may lead to denial of service and escalation of privileges."}, {"lang": "es", "value": "NVIDIA Container Toolkit contiene una vulnerabilidad de aislamiento inapropiado en la que una imagen de contenedor manipulado especial podr\u00eda provocar la ejecuci\u00f3n de c\u00f3digo no confiable en el espacio de nombres de red del host. Esta vulnerabilidad solo est\u00e1 presente cuando NVIDIA Container Toolkit est\u00e1 configurado de una manera no predeterminada. Una explotaci\u00f3n exitosa de esta vulnerabilidad puede provocar la denegaci\u00f3n de servicio y la escalada de privilegios."}], "id": "CVE-2024-0137", "lastModified": "2025-10-06T14:08:34.033", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 1.3, "impactScore": 3.7, "source": "psirt@nvidia.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 3.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2025-01-28T03:15:07.567", "references": [{"source": "psirt@nvidia.com", "tags": ["Vendor Advisory", "Mitigation"], "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5599"}], "sourceIdentifier": "psirt@nvidia.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-653"}], "source": "psirt@nvidia.com", "type": "Primary"}]}

{"bugzilla": {"description": "nvidia-container-toolkit: Improper Isolation or Compartmentalization in NVIDIA Container Toolkit", "id": "2342480", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2342480"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L", "status": "draft"}, "cwe": "CWE-653", "details": ["NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to untrusted code running in the host\u2019s network namespace. This vulnerability is present only when the NVIDIA Container Toolkit is configured in a nondefault way. A successful exploit of this vulnerability may lead to denial of service and escalation of privileges.", "A flaw was found in the NVIDIA Container Toolkit. NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to untrusted code running in the host\u2019s network namespace. This vulnerability is present only when the NVIDIA Container Toolkit is configured in a non-default way. A successful exploit of this vulnerability may lead to denial of service and escalation of privileges."], "name": "CVE-2024-0137", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "toolbox", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-01-28T03:10:36Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-0137\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-0137\nhttps://nvidia.custhelp.com/app/answers/detail/a_id/5599"], "threat_severity": "Moderate"}

{"created": "2025-07-12T22:23:43.504196+00:00", "updated": "2025-07-12T22:23:43.504265+00:00", "vendors": ["nvidia", "nvidia$PRODUCT$container_toolkit"]}