CVE-2024-0135

High

Published: 28 January 2025

Published

28 January 2025

Modified

06 October 2025

KEV Added

—

Patch

—

CVSS Score 7.6 CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H

EPSS Score 0.0010 27.1th percentile

Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-0135 is a high-severity Improper Isolation or Compartmentalization (CWE-653) vulnerability in Nvidia Nvidia Container Toolkit. Its CVSS base score is 7.6 (High).

Operationally, ranked at the 27.1th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SC-39 (Process Isolation) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match

prevent

Directly remediates the improper isolation flaw in NVIDIA Container Toolkit via timely patching, preventing exploitation by specially crafted container images.

SC-39 Process Isolation good match

prevent

Enforces process isolation between containers and host, directly countering the vulnerability that allows container images to modify host binaries.

SI-7 Software, Firmware, and Information Integrity partial match

detect

Monitors host software and firmware integrity to detect unauthorized modifications of host binaries resulting from container escape exploits.

NVD Description

NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to modification of a host binary. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information…

disclosure, and data tampering.

Deeper analysisAI

CVE-2024-0135 is an improper isolation vulnerability in the NVIDIA Container Toolkit. The issue arises when a specially crafted container image can lead to modification of a host binary. Successful exploitation may result in code execution, denial of service, escalation of privileges, information disclosure, and data tampering. The vulnerability is rated with a CVSS v3.1 base score of 7.6 (AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H) and is associated with CWE-653.

An attacker requires high privileges (PR:H) on the target system and must convince a user to interact with a malicious container image (UI:R), such as loading or running it. The attack is feasible over the network (AV:N) but involves high complexity (AC:H). Exploitation changes the scope (S:C) and can achieve high impacts on confidentiality, integrity, and availability, including arbitrary code execution on the host and privilege escalation beyond the container's isolation.

NVIDIA has published a security advisory at https://nvidia.custhelp.com/app/answers/detail/a_id/5599 detailing the vulnerability, which was disclosed on 2025-01-28. Practitioners should consult this advisory for patch information and mitigation guidance.

Details

CWE(s): CWE-653

Affected Products

nvidia

nvidia container toolkit

≤ 1.17.3

nvidia

nvidia gpu operator

≤ 24.9.1

CVEs Like This One

CVE-2024-0136Same product: Linux Linux Kernel

CVE-2025-23359Same product: Linux Linux Kernel

CVE-2025-23243Same product: Linux Linux Kernel

CVE-2025-33230Same product: Linux Linux Kernel

CVE-2025-23242Same product: Linux Linux Kernel

CVE-2025-33206Same product: Linux Linux Kernel

CVE-2026-23440Same product: Linux Linux Kernel

CVE-2026-31694Same product: Linux Linux Kernel

CVE-2026-31641Same product: Linux Linux Kernel

CVE-2026-31698Same product: Linux Linux Kernel

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5599
Mitigation, Vendor Advisory · psirt@nvidia.com