Metrics
Affected Vendors & Products
Solution
No solution given by the vendor.
Workaround
This vulnerability does not impact use cases where CDI is used.

The fix for this vulnerability changes the default behavior of the NVIDIA Container Toolkit. By default, the NVIDIA CUDA compatibility libraries from /usr/local/cuda/compat in the container are no longer mounted to the default library path in the container being run. This may affect certain applications that depend on this behavior.

A feature flag, allow-cuda-compat-libs-from-container, was included in the NVIDIA Container Toolkit to allow users to opt in to the previous behavior if required. Warning: opting in to the previous behavior removes the protection against this vulnerability and is not recommended.

To set the feature flag, ensure that the NVIDIA Container Toolkit config file at /etc/nvidia-container-runtime/config.toml includes:

```toml
[features]
allow-cuda-compat-libs-from-container = true
```

Setting the value above to false or removing the config file entry will disable the feature.

In the case of the NVIDIA GPU Operator, the feature flag can be set by including the following in the NVIDIA GPU Operator helm install command:

```shell
--set "toolkit.env[0].name=NVIDIA_CONTAINER_TOOLKIT_OPT_IN_FEATURES" --set "toolkit.env[0].value=allow-cuda-compat-libs-from-container"
```

For users who know that their application needs CUDA Forward Compatibility, the following workaround can be used: set the LD_LIBRARY_PATH environment variable to include /usr/local/cuda/compat. This may cause portability issues for some containers when running across multiple driver versions, especially when these are more recent than the compatibility libraries in the container.
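Because the opt-in flag silently reintroduces the pre-fix behavior, the practical check is whether any host has it set. The POSIX shell script below is an added example, not NVIDIA's code and not part of the advisory: it audits both opt-in routes named above, the `[features]` entry in config.toml and the NVIDIA_CONTAINER_TOOLKIT_OPT_IN_FEATURES environment variable that the GPU Operator passes to the toolkit container. It assumes that variable holds a comma-separated list of feature names, and that config.toml is simple enough for a line-by-line TOML walk (sections, `key = value`, `#` comments).

```shell
#!/bin/sh
# Added audit helper for CVE-2025-23359 (not NVIDIA's code).
# Question answered for a host: has someone opted back in to mounting the
# image's /usr/local/cuda/compat libraries onto the default library path?
# Both routes the advisory names are checked:
#   1. [features] allow-cuda-compat-libs-from-container = true in
#      /etc/nvidia-container-runtime/config.toml
#   2. the feature name listed in NVIDIA_CONTAINER_TOOLKIT_OPT_IN_FEATURES
#      (assumed here to be a comma-separated list of feature names)
# Every check returns 0 when the opt-in is present (host unprotected),
# 1 otherwise, so the functions compose with plain shell conditionals.

FEATURE="allow-cuda-compat-libs-from-container"

# ctk_compat_optin_in_config FILE
# Minimal TOML walk: strip comments and whitespace, track the current
# [section], keep the last assignment of the key inside [features].
# A missing file means the toolkit defaults apply, i.e. not opted in.
ctk_compat_optin_in_config() {
    [ -f "$1" ] || return 1
    awk -v key="$FEATURE" '
        { sub(/#.*/, ""); gsub(/^[ \t]+|[ \t]+$/, "") }
        /^\[.*\]$/ { section = $0; next }
        section == "[features]" && /=/ {
            split($0, kv, "=")
            k = kv[1]; gsub(/[ \t]/, "", k)
            if (k == key) { v = kv[2]; gsub(/[ \t"]/, "", v); value = v }
        }
        END { exit ((value == "true") ? 0 : 1) }
    ' "$1"
}

# ctk_compat_optin_in_env VALUE
# Match the feature as a whole list item, not as a substring, so a later
# feature whose name merely contains ours does not trip the check.
ctk_compat_optin_in_env() {
    printf '%s\n' "$1" | tr ',' '\n' \
        | sed 's/^[[:space:]]*//;s/[[:space:]]*$//' \
        | grep -qxF "$FEATURE"
}

# ctk_compat_optin_audit [CONFIG_FILE]
# Combine both routes, print a one-line verdict, return 0 if opted in.
ctk_compat_optin_audit() {
    cfg="${1:-/etc/nvidia-container-runtime/config.toml}"
    optin=1
    if ctk_compat_optin_in_config "$cfg"; then
        echo "UNPROTECTED: $FEATURE = true in $cfg"
        optin=0
    fi
    if ctk_compat_optin_in_env "${NVIDIA_CONTAINER_TOOLKIT_OPT_IN_FEATURES:-}"; then
        echo "UNPROTECTED: $FEATURE in NVIDIA_CONTAINER_TOOLKIT_OPT_IN_FEATURES"
        optin=0
    fi
    [ "$optin" -eq 0 ] || echo "OK: compat libraries from the image are not mounted by default"
    return "$optin"
}

# Run as a script by passing the config path explicitly, e.g.
#   sh ctk-compat-audit.sh /etc/nvidia-container-runtime/config.toml
# The exit status mirrors the verdict (0 = opted in), which lets a CI or
# compliance job fail hosts that still carry the flag. With no argument the
# file only defines the functions, so it can be sourced by other scripts.
[ $# -eq 0 ] || ctk_compat_optin_audit "$@"
```

On a GPU Operator cluster the same check belongs in the toolkit DaemonSet's pod spec rather than on the node: inspect the container's environment for NVIDIA_CONTAINER_TOOLKIT_OPT_IN_FEATURES and feed it to ctk_compat_optin_in_env. The env route is the one most likely to survive unnoticed across upgrades, since it lives in Helm values rather than in a file on the host.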
Thu, 25 Sep 2025 14:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared | | Linux, Linux Kernel, Nvidia, Nvidia Container Toolkit, Nvidia Gpu Operator |
CPEs | | cpe:2.3:a:nvidia:nvidia_container_toolkit:*:*:*:*:*:*:*:* cpe:2.3:a:nvidia:nvidia_gpu_operator:*:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* |
Vendors & Products | | Linux, Linux Kernel, Nvidia, Nvidia Container Toolkit, Nvidia Gpu Operator |
Sat, 12 Jul 2025 13:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics | epss | epss |
Fri, 11 Jul 2025 13:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics | epss | epss |
Fri, 11 Apr 2025 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References | | |
Metrics | ssvc | ssvc |
Wed, 12 Feb 2025 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics | | ssvc |
Wed, 12 Feb 2025 13:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Title | | nvidia-container-toolkit: TOCTOU Vulnerability in NVIDIA Container Toolkit |
References | | |
Metrics | threat_severity | threat_severity |
Wed, 12 Feb 2025 01:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | | NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use (TOCTOU) vulnerability when used with default configuration, where a crafted container image could gain access to the host file system. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. |
Weaknesses | | CWE-367 |
References | | |
Metrics | | cvssV3_1 |

Status: PUBLISHED
Assigner: nvidia
Published:
Updated: 2025-04-11T13:24:14.643Z
Reserved: 2025-01-14T01:07:26.681Z
Link: CVE-2025-23359

Updated: 2025-02-12T15:59:37.487Z

Status: Analyzed
Published: 2025-02-12T01:15:09.230
Modified: 2025-09-25T13:50:04.687
Link: CVE-2025-23359


Updated: 2025-07-13T11:07:13Z