Researchers Find New Exploit Bypassing Patched NVIDIA Container Toolkit Vulnerability thehackernews.com/2025/02/r…

Cybersecurity researchers have discovered a bypass for a now-patched security vulnerability in the NVIDIA Container Toolkit that could be exploited to break out of a container’s isolation protections and gain complete access to the underlying host.

The new vulnerability is being tracked as CVE-2025-23359 (CVSS score: 8.3). It affects the following versions -

NVIDIA Container Toolkit (All versions up to and including 1.17.3) - Fixed in version 1.17.4 NVIDIA GPU Operator (All versions up to and including 24.9.1) - Fixed in version 24.9.2

Cloud security firm Wiz, which shared additional technical specifics of the flaw, said it’s a bypass for another vulnerability (CVE-2024-0132, CVSS score: 9.0) that was addressed by NVIDIA in September 2024.

In a nutshell, the vulnerability enables bad actors to mount the host’s root file system into a container, granting them unfettered access to all files. Furthermore, the access can be leveraged to launch privileged containers and achieve full host compromise via the runtime Unix socket.