Bug 2314824 (CVE-2024-0132)

A flaw was found in the NVIDIA Container Toolkit. Affected versions contain a Time-of-check Time-of-Use (TOCTOU) vulnerability when used with the default configuration, where a specifically crafted container image may gain access to the host file system. This issue does not impact use cases where CDI is used. The original fix for the vulnerability shipped by upstream was incomplete. The fix has been continued on CVE-2025-23359. The Container Device Interface (CDI) provides a standardized way to expose hardware devices like GPUs to containers, enabling more secure and predictable deployments. By clearly separating device access from the underlying container runtime, CDI helps contain the impact of bugs or vulnerabilities in device drivers. This isolation extends across container layers, so even if another container is built on top of one that implements CDI, hardware access remains controlled and protected, preserving security in derivative workloads. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.