描述
NVIDIA Container Toolkit 1.16.1 or earlier contains a vulnerability in the default mode of operation allowing a specially crafted container image to create empty files on the host file system. This does not impact use cases where CDI is used. A successful exploit of this vulnerability may lead to data tampering.
AI分析AI驱动
受影响产品
nvidianvidia_container_toolkit
linuxlinux_kernel
-
nvidianvidia_gpu_operator
linuxlinux_kernel
-
参考资料
- https://nvidia.custhelp.com/app/answers/detail/a_id/5582Vendor Advisory