Incomplete Patch in NVIDIA Toolkit Leaves CVE-2024-0132 Open to Container Escapes

Apr 10, 2025Ravie LakshmananContainer Security / Vulnerability

Cybersecurity researchers have detailed a case of an incomplete patch for a previously addressed security flaw impacting the NVIDIA Container Toolkit that, if successfully exploited, could put sensitive data at risk.

The original vulnerability CVE-2024-0132 (CVSS score: 9.0) is a Time-of-Check Time-of-Use (TOCTOU) vulnerability that could lead to a container escape attack and allow for unauthorized access to the underlying host.

While this flaw was resolved by NVIDIA in September 2024, a new analysis by Trend Micro has revealed the fix to be incomplete and that there also exists a related performance flaw affecting Docker on Linux that could result in a denial-of-service (DoS) condition.

“These issues could enable attackers to escape container isolation, access sensitive host resources, and cause severe operational disruptions,” Trend Micro researcher Abdelrahman Esmail said in a new report published today.

The fact that the TOCTOU vulnerability persists means that a specially crafted container could be abused to access the host file system and execute arbitrary commands with root privileges. The flaw impacts version 1.17.4 if the feature allow-cuda-compat-libs-from-container is explicitly enabled.

“The specific flaw exists within the mount_files function,” Trend Micro said. “The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the host.”

However, for this privilege escalation to work, the attacker must have already obtained the ability to execute code within a container.

The shortcoming has been assigned the CVE identifier CVE-2025-23359 (CVSS score: 9.0), which was previously flagged by cloud security firm Wiz as also a bypass for CVE-2024-0132 back in February 2025. It has been addressed in version 1.17.4.

The cybersecurity company said it also discovered a performance issue during the analysis of the CVE-2024-0132 that could potentially lead to a DoS vulnerability on the host machine. It affects Docker instances on Linux systems.

“When a new container is created with multiple mounts configured using (bind-propagation=shared), multiple parent/child paths are established. However, the associated entries are not removed in the Linux mount table after container termination,” Esmail said.

“This leads to a rapid and uncontrollable growth of the mount table, exhausting available file descriptors (fd). Eventually, Docker is unable to create new containers due to fd exhaustion. This excessively large mount table leads to a huge performance issue, preventing users from connecting to the host (i.e., via SSH).”

To mitigate the issue, it’s advised to monitor the Linux mount table for abnormal growth, limit Docker API access to authorized personnel, enforce strong access control policies, and conduct periodic audits of container-to-host filesystem bindings, volume mounts, and socket connections.

Upgrade your audio game with the Logitech for Creators Blue Yeti USB Microphone. With over 33,730 ratings and an impressive 4.6 out of 5 stars, it’s no wonder this is an Amazon’s Choice product. Recently, 5K+ units were purchased in the past month.

Available in five stunning colors: Teal, Silver, Pink Dawn, Midnight Blue, and Blackout, this microphone is perfect for creators looking to produce exceptional audio. Priced at only $84.99, it’s a deal you can’t afford to miss.

Elevate your recordings with clear broadcast-quality sound and explore your creativity with enhanced effects, advanced modulation, and HD audio samples. Order now for just $84.99 on Amazon!

Help Power Techcratic’s Future – Scan To Support

If Techcratic’s content and insights have helped you, consider giving back by supporting the platform with crypto. Every contribution makes a difference, whether it’s for high-quality content, server maintenance, or future updates. Techcratic is constantly evolving, and your support helps drive that progress.

As a solo operator who wears all the hats, creating content, managing the tech, and running the site, your support allows me to stay focused on delivering valuable resources. Your support keeps everything running smoothly and enables me to continue creating the content you love. I’m deeply grateful for your support, it truly means the world to me! Thank you!