CVE-2025-23359

EUVD-2025-3156
NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use (TOCTOU) vulnerability when used with default configuration, where a crafted container image could gain access to the host file system. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
TOCTOU
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.3 HIGH
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 88%
Affected Products (NVD)
VendorProductVersion
nvidianvidia_container_toolkit
𝑥
< 1.17.4
nvidianvidia_gpu_operator
𝑥
< 24.9.2
𝑥
= Vulnerable software versions
Azure Linux logo
Azure Linux Releases
Azure Package
Release
nvidia-container-toolkit
Azure Linux 3.0
0:1.17.4-1.azl3
fixed
CBL-Mariner 2.0
0:1.17.4-1.cm2
fixed