Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-0134 (GCVE-0-2024-0134)
Vulnerability from cvelistv5 – Published: 2024-11-05 18:37 – Updated: 2024-11-05 18:52
VLAI?
EPSS
Summary
NVIDIA Container Toolkit and NVIDIA GPU Operator for Linux contain a UNIX vulnerability where a specially crafted container image can lead to the creation of unauthorized files on the host. The name and location of the files cannot be controlled by an attacker. A successful exploit of this vulnerability might lead to data tampering.
Severity ?
4.1 (Medium)
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| NVIDIA | NVIDIA Container Toolkit |
Affected:
All versions up to and including v1.16.2
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0134",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-05T18:51:43.650698Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-05T18:52:00.366Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux"
],
"product": "NVIDIA Container Toolkit",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions up to and including v1.16.2"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux"
],
"product": "NVIDIA GPU Operator",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions up to and including 24.6.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNVIDIA Container Toolkit and NVIDIA GPU Operator for Linux contain a UNIX vulnerability where a specially crafted container image can lead to the creation of unauthorized files on the host. The name and location of the files cannot be controlled by an attacker. A successful exploit of this vulnerability might lead to data tampering.\u003c/span\u003e"
}
],
"value": "NVIDIA Container Toolkit and NVIDIA GPU Operator for Linux contain a UNIX vulnerability where a specially crafted container image can lead to the creation of unauthorized files on the host. The name and location of the files cannot be controlled by an attacker. A successful exploit of this vulnerability might lead to data tampering."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Data tampering"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-61",
"description": "CWE-61",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-05T18:37:31.699Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5585"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2024-0134",
"datePublished": "2024-11-05T18:37:31.699Z",
"dateReserved": "2023-12-02T00:42:44.854Z",
"dateUpdated": "2024-11-05T18:52:00.366Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nvidia:nvidia_container_toolkit:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.17\", \"matchCriteriaId\": \"004681E6-7D96-4A27-A5B1-F9E2D7EB5617\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nvidia:nvidia_gpu_operator:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"24.9.0\", \"matchCriteriaId\": \"1338BFAB-73D4-4255-A33D-1016965C00F9\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"NVIDIA Container Toolkit and NVIDIA GPU Operator for Linux contain a UNIX vulnerability where a specially crafted container image can lead to the creation of unauthorized files on the host. The name and location of the files cannot be controlled by an attacker. A successful exploit of this vulnerability might lead to data tampering.\"}, {\"lang\": \"es\", \"value\": \" NVIDIA Container Toolkit y NVIDIA GPU Operator para Linux contienen una vulnerabilidad de UNIX en la que una imagen de contenedor especialmente manipulada puede provocar la creaci\\u00f3n de archivos no autorizados en el host. El nombre y la ubicaci\\u00f3n de los archivos no pueden ser controlados por un atacante. Una explotaci\\u00f3n exitosa de esta vulnerabilidad podr\\u00eda provocar la manipulaci\\u00f3n de datos.\"}]",
"id": "CVE-2024-0134",
"lastModified": "2024-11-08T15:53:40.200",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"psirt@nvidia.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N\", \"baseScore\": 4.1, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.3, \"impactScore\": 1.4}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N\", \"baseScore\": 4.1, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.3, \"impactScore\": 1.4}]}",
"published": "2024-11-05T19:15:05.203",
"references": "[{\"url\": \"https://nvidia.custhelp.com/app/answers/detail/a_id/5585\", \"source\": \"psirt@nvidia.com\", \"tags\": [\"Vendor Advisory\"]}]",
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Analyzed",
"weaknesses": "[{\"source\": \"psirt@nvidia.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-61\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-0134\",\"sourceIdentifier\":\"psirt@nvidia.com\",\"published\":\"2024-11-05T19:15:05.203\",\"lastModified\":\"2024-11-08T15:53:40.200\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"NVIDIA Container Toolkit and NVIDIA GPU Operator for Linux contain a UNIX vulnerability where a specially crafted container image can lead to the creation of unauthorized files on the host. The name and location of the files cannot be controlled by an attacker. A successful exploit of this vulnerability might lead to data tampering.\"},{\"lang\":\"es\",\"value\":\" NVIDIA Container Toolkit y NVIDIA GPU Operator para Linux contienen una vulnerabilidad de UNIX en la que una imagen de contenedor especialmente manipulada puede provocar la creaci\u00f3n de archivos no autorizados en el host. El nombre y la ubicaci\u00f3n de los archivos no pueden ser controlados por un atacante. Una explotaci\u00f3n exitosa de esta vulnerabilidad podr\u00eda provocar la manipulaci\u00f3n de datos.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@nvidia.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N\",\"baseScore\":4.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.3,\"impactScore\":1.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N\",\"baseScore\":4.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.3,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"psirt@nvidia.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-61\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nvidia:nvidia_container_toolkit:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.17\",\"matchCriteriaId\":\"004681E6-7D96-4A27-A5B1-F9E2D7EB5617\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nvidia:nvidia_gpu_operator:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"24.9.0\",\"matchCriteriaId\":\"1338BFAB-73D4-4255-A33D-1016965C00F9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1\"}]}]}],\"references\":[{\"url\":\"https://nvidia.custhelp.com/app/answers/detail/a_id/5585\",\"source\":\"psirt@nvidia.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-0134\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-11-05T18:51:43.650698Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-11-05T18:51:56.051Z\"}}], \"cna\": {\"source\": {\"discovery\": \"UNKNOWN\"}, \"impacts\": [{\"descriptions\": [{\"lang\": \"en\", \"value\": \"Data tampering\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 4.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"NVIDIA\", \"product\": \"NVIDIA Container Toolkit\", \"versions\": [{\"status\": \"affected\", \"version\": \"All versions up to and including v1.16.2\"}], \"platforms\": [\"Linux\"], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"NVIDIA\", \"product\": \"NVIDIA GPU Operator\", \"versions\": [{\"status\": \"affected\", \"version\": \"All versions up to and including 24.6.2\"}], \"platforms\": [\"Linux\"], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://nvidia.custhelp.com/app/answers/detail/a_id/5585\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"NVIDIA Container Toolkit and NVIDIA GPU Operator for Linux contain a UNIX vulnerability where a specially crafted container image can lead to the creation of unauthorized files on the host. The name and location of the files cannot be controlled by an attacker. A successful exploit of this vulnerability might lead to data tampering.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003eNVIDIA Container Toolkit and NVIDIA GPU Operator for Linux contain a UNIX vulnerability where a specially crafted container image can lead to the creation of unauthorized files on the host. The name and location of the files cannot be controlled by an attacker. A successful exploit of this vulnerability might lead to data tampering.\u003c/span\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-61\", \"description\": \"CWE-61\"}]}], \"providerMetadata\": {\"orgId\": \"9576f279-3576-44b5-a4af-b9a8644b2de6\", \"shortName\": \"nvidia\", \"dateUpdated\": \"2024-11-05T18:37:31.699Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-0134\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-11-05T18:52:00.366Z\", \"dateReserved\": \"2023-12-02T00:42:44.854Z\", \"assignerOrgId\": \"9576f279-3576-44b5-a4af-b9a8644b2de6\", \"datePublished\": \"2024-11-05T18:37:31.699Z\", \"assignerShortName\": \"nvidia\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
SUSE-SU-2025:4187-1
Vulnerability from csaf_suse - Published: 2025-11-24 07:58 - Updated: 2025-11-24 07:58Summary
Security update for nvidia-container-toolkit
Notes
Title of the patch
Security update for nvidia-container-toolkit
Description of the patch
This update for nvidia-container-toolkit fixes the following issues:
- Update to version 1.18.0:
- This is a major release and includes the following high-level changes:
- The default mode of the NVIDIA Container Runtime has been updated to make use
of a just-in-time-generated CDI specification instead of defaulting to the legacy mode.
- Added a systemd unit to generate CDI specifications for available devices automatically. This allows
native CDI support in container engines such as Docker and Podman to be used without additional steps.
- Security issues fixed:
- CVE-2024-0133: Fixed data tampering in host file system via specially
crafted container image (bsc#1231032)
- CVE-2024-0132: Fixed time-of-check time-of-use (TOCTOU) race condition
in default configuration via specifically crafted container image
(bsc#1231033)
- CVE-2024-0134: Fixed specially-crafted container image can lead to
the creation of unauthorized files on the host (bsc#1232855)
- CVE-2024-0135: Fixed Improper Isolation or Compartmentalization in
NVIDIA Container Toolkit (bsc#1236496)
- CVE-2024-0136: Fixed Improper Isolation or Compartmentalization in
NVIDIA Container Toolkit (bsc#1236497)
- CVE-2024-0137: Fixed Improper Isolation or Compartmentalization in
NVIDIA Container Toolkit (bsc#1236498)
- CVE-2025-23359: Fixed TOCTOU Vulnerability in NVIDIA Container Toolkit
(bsc#1237085)
- CVE-2025-23267: Fixed link following can lead to container escape
(bsc#1246614)
- CVE-2025-23266: Fixed hook initialization might lead to escalation
of privileges (bsc#1246860)
Patchnames
SUSE-2025-4187,SUSE-SLE-Module-Containers-15-SP6-2025-4187,SUSE-SLE-Module-Containers-15-SP7-2025-4187,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-4187,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-4187,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-4187,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-4187,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-4187,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-4187,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-4187,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-4187,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-4187,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-4187,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-4187,SUSE-Storage-7.1-2025-4187,openSUSE-SLE-15.6-2025-4187
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for nvidia-container-toolkit",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for nvidia-container-toolkit fixes the following issues:\n\n- Update to version 1.18.0:\n - This is a major release and includes the following high-level changes:\n - The default mode of the NVIDIA Container Runtime has been updated to make use\n of a just-in-time-generated CDI specification instead of defaulting to the legacy mode.\n - Added a systemd unit to generate CDI specifications for available devices automatically. This allows\n native CDI support in container engines such as Docker and Podman to be used without additional steps.\n \n- Security issues fixed:\n - CVE-2024-0133: Fixed data tampering in host file system via specially\n crafted container image (bsc#1231032)\n - CVE-2024-0132: Fixed time-of-check time-of-use (TOCTOU) race condition\n in default configuration via specifically crafted container image\n (bsc#1231033)\n - CVE-2024-0134: Fixed specially-crafted container image can lead to\n the creation of unauthorized files on the host (bsc#1232855)\n - CVE-2024-0135: Fixed Improper Isolation or Compartmentalization in\n NVIDIA Container Toolkit (bsc#1236496)\n - CVE-2024-0136: Fixed Improper Isolation or Compartmentalization in\n NVIDIA Container Toolkit (bsc#1236497)\n - CVE-2024-0137: Fixed Improper Isolation or Compartmentalization in\n NVIDIA Container Toolkit (bsc#1236498)\n - CVE-2025-23359: Fixed TOCTOU Vulnerability in NVIDIA Container Toolkit\n (bsc#1237085)\n - CVE-2025-23267: Fixed link following can lead to container escape\n (bsc#1246614)\n - CVE-2025-23266: Fixed hook initialization might lead to escalation\n of privileges (bsc#1246860)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-4187,SUSE-SLE-Module-Containers-15-SP6-2025-4187,SUSE-SLE-Module-Containers-15-SP7-2025-4187,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-4187,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-4187,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-4187,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-4187,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-4187,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-4187,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-4187,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-4187,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-4187,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-4187,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-4187,SUSE-Storage-7.1-2025-4187,openSUSE-SLE-15.6-2025-4187",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_4187-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:4187-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20254187-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:4187-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023342.html"
},
{
"category": "self",
"summary": "SUSE Bug 1231032",
"url": "https://bugzilla.suse.com/1231032"
},
{
"category": "self",
"summary": "SUSE Bug 1231033",
"url": "https://bugzilla.suse.com/1231033"
},
{
"category": "self",
"summary": "SUSE Bug 1232855",
"url": "https://bugzilla.suse.com/1232855"
},
{
"category": "self",
"summary": "SUSE Bug 1236496",
"url": "https://bugzilla.suse.com/1236496"
},
{
"category": "self",
"summary": "SUSE Bug 1236497",
"url": "https://bugzilla.suse.com/1236497"
},
{
"category": "self",
"summary": "SUSE Bug 1236498",
"url": "https://bugzilla.suse.com/1236498"
},
{
"category": "self",
"summary": "SUSE Bug 1237085",
"url": "https://bugzilla.suse.com/1237085"
},
{
"category": "self",
"summary": "SUSE Bug 1246614",
"url": "https://bugzilla.suse.com/1246614"
},
{
"category": "self",
"summary": "SUSE Bug 1246860",
"url": "https://bugzilla.suse.com/1246860"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-0132 page",
"url": "https://www.suse.com/security/cve/CVE-2024-0132/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-0133 page",
"url": "https://www.suse.com/security/cve/CVE-2024-0133/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-0134 page",
"url": "https://www.suse.com/security/cve/CVE-2024-0134/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-0135 page",
"url": "https://www.suse.com/security/cve/CVE-2024-0135/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-0136 page",
"url": "https://www.suse.com/security/cve/CVE-2024-0136/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-0137 page",
"url": "https://www.suse.com/security/cve/CVE-2024-0137/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23266 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23266/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23267 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23267/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23359 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23359/"
}
],
"title": "Security update for nvidia-container-toolkit",
"tracking": {
"current_release_date": "2025-11-24T07:58:47Z",
"generator": {
"date": "2025-11-24T07:58:47Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:4187-1",
"initial_release_date": "2025-11-24T07:58:47Z",
"revision_history": [
{
"date": "2025-11-24T07:58:47Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"product": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"product_id": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"product": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"product_id": "nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"product": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"product_id": "nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"product": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"product_id": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-containers:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Containers 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-containers:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 7.1",
"product": {
"name": "SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:7.1"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-0132",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-0132"
}
],
"notes": [
{
"category": "general",
"text": "NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use (TOCTOU) vulnerability when used with default configuration where a specifically crafted container image may gain access to the host file system. This does not impact use cases where CDI is used. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-0132",
"url": "https://www.suse.com/security/cve/CVE-2024-0132"
},
{
"category": "external",
"summary": "SUSE Bug 1231033 for CVE-2024-0132",
"url": "https://bugzilla.suse.com/1231033"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-24T07:58:47Z",
"details": "important"
}
],
"title": "CVE-2024-0132"
},
{
"cve": "CVE-2024-0133",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-0133"
}
],
"notes": [
{
"category": "general",
"text": "NVIDIA Container Toolkit 1.16.1 or earlier contains a vulnerability in the default mode of operation allowing a specially crafted container image to create empty files on the host file system. This does not impact use cases where CDI is used. A successful exploit of this vulnerability may lead to data tampering.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-0133",
"url": "https://www.suse.com/security/cve/CVE-2024-0133"
},
{
"category": "external",
"summary": "SUSE Bug 1231032 for CVE-2024-0133",
"url": "https://bugzilla.suse.com/1231032"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-24T07:58:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-0133"
},
{
"cve": "CVE-2024-0134",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-0134"
}
],
"notes": [
{
"category": "general",
"text": "NVIDIA Container Toolkit and NVIDIA GPU Operator for Linux contain a UNIX vulnerability where a specially crafted container image can lead to the creation of unauthorized files on the host. The name and location of the files cannot be controlled by an attacker. A successful exploit of this vulnerability might lead to data tampering.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-0134",
"url": "https://www.suse.com/security/cve/CVE-2024-0134"
},
{
"category": "external",
"summary": "SUSE Bug 1232855 for CVE-2024-0134",
"url": "https://bugzilla.suse.com/1232855"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.6,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-24T07:58:47Z",
"details": "low"
}
],
"title": "CVE-2024-0134"
},
{
"cve": "CVE-2024-0135",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-0135"
}
],
"notes": [
{
"category": "general",
"text": "NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to modification of a host binary. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-0135",
"url": "https://www.suse.com/security/cve/CVE-2024-0135"
},
{
"category": "external",
"summary": "SUSE Bug 1236496 for CVE-2024-0135",
"url": "https://bugzilla.suse.com/1236496"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-24T07:58:47Z",
"details": "important"
}
],
"title": "CVE-2024-0135"
},
{
"cve": "CVE-2024-0136",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-0136"
}
],
"notes": [
{
"category": "general",
"text": "NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to untrusted code obtaining read and write access to host devices. This vulnerability is present only when the NVIDIA Container Toolkit is configured in a nondefault way. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-0136",
"url": "https://www.suse.com/security/cve/CVE-2024-0136"
},
{
"category": "external",
"summary": "SUSE Bug 1236497 for CVE-2024-0136",
"url": "https://bugzilla.suse.com/1236497"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-24T07:58:47Z",
"details": "important"
}
],
"title": "CVE-2024-0136"
},
{
"cve": "CVE-2024-0137",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-0137"
}
],
"notes": [
{
"category": "general",
"text": "NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to untrusted code running in the host\u0027s network namespace. This vulnerability is present only when the NVIDIA Container Toolkit is configured in a nondefault way. A successful exploit of this vulnerability may lead to denial of service and escalation of privileges.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-0137",
"url": "https://www.suse.com/security/cve/CVE-2024-0137"
},
{
"category": "external",
"summary": "SUSE Bug 1236498 for CVE-2024-0137",
"url": "https://bugzilla.suse.com/1236498"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-24T07:58:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-0137"
},
{
"cve": "CVE-2025-23266",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23266"
}
],
"notes": [
{
"category": "general",
"text": "NVIDIA Container Toolkit for all platforms contains a vulnerability in some hooks used to initialize the container, where an attacker could execute arbitrary code with elevated permissions. A successful exploit of this vulnerability might lead to escalation of privileges, data tampering, information disclosure, and denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23266",
"url": "https://www.suse.com/security/cve/CVE-2025-23266"
},
{
"category": "external",
"summary": "SUSE Bug 1246860 for CVE-2025-23266",
"url": "https://bugzilla.suse.com/1246860"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-24T07:58:47Z",
"details": "critical"
}
],
"title": "CVE-2025-23266"
},
{
"cve": "CVE-2025-23267",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23267"
}
],
"notes": [
{
"category": "general",
"text": "NVIDIA Container Toolkit for all platforms contains a vulnerability in the update-ldcache hook, where an attacker could cause a link following by using a specially crafted container image. A successful exploit of this vulnerability might lead to data tampering and denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23267",
"url": "https://www.suse.com/security/cve/CVE-2025-23267"
},
{
"category": "external",
"summary": "SUSE Bug 1246614 for CVE-2025-23267",
"url": "https://bugzilla.suse.com/1246614"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-24T07:58:47Z",
"details": "important"
}
],
"title": "CVE-2025-23267"
},
{
"cve": "CVE-2025-23359",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23359"
}
],
"notes": [
{
"category": "general",
"text": "NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use (TOCTOU) vulnerability when used with default configuration, where a crafted container image could gain access to the host file system. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23359",
"url": "https://www.suse.com/security/cve/CVE-2025-23359"
},
{
"category": "external",
"summary": "SUSE Bug 1237085 for CVE-2025-23359",
"url": "https://bugzilla.suse.com/1237085"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-24T07:58:47Z",
"details": "important"
}
],
"title": "CVE-2025-23359"
}
]
}
GHSA-7JM9-XPWX-V999
Vulnerability from github – Published: 2024-11-05 21:30 – Updated: 2024-11-05 21:30
VLAI?
Details
NVIDIA Container Toolkit and NVIDIA GPU Operator for Linux contain a UNIX vulnerability where a specially crafted container image can lead to the creation of unauthorized files on the host. The name and location of the files cannot be controlled by an attacker. A successful exploit of this vulnerability might lead to data tampering.
Severity ?
4.1 (Medium)
{
"affected": [],
"aliases": [
"CVE-2024-0134"
],
"database_specific": {
"cwe_ids": [
"CWE-61"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-11-05T19:15:05Z",
"severity": "MODERATE"
},
"details": "NVIDIA Container Toolkit and NVIDIA GPU Operator for Linux contain a UNIX vulnerability where a specially crafted container image can lead to the creation of unauthorized files on the host. The name and location of the files cannot be controlled by an attacker. A successful exploit of this vulnerability might lead to data tampering.",
"id": "GHSA-7jm9-xpwx-v999",
"modified": "2024-11-05T21:30:43Z",
"published": "2024-11-05T21:30:43Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0134"
},
{
"type": "WEB",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5585"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N",
"type": "CVSS_V3"
}
]
}
FKIE_CVE-2024-0134
Vulnerability from fkie_nvd - Published: 2024-11-05 19:15 - Updated: 2024-11-08 15:53
Severity ?
4.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N
4.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N
4.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N
Summary
NVIDIA Container Toolkit and NVIDIA GPU Operator for Linux contain a UNIX vulnerability where a specially crafted container image can lead to the creation of unauthorized files on the host. The name and location of the files cannot be controlled by an attacker. A successful exploit of this vulnerability might lead to data tampering.
References
| URL | Tags | ||
|---|---|---|---|
| psirt@nvidia.com | https://nvidia.custhelp.com/app/answers/detail/a_id/5585 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | nvidia_container_toolkit | * | |
| nvidia | nvidia_gpu_operator | * | |
| linux | linux_kernel | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:nvidia_container_toolkit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "004681E6-7D96-4A27-A5B1-F9E2D7EB5617",
"versionEndExcluding": "1.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:nvidia_gpu_operator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1338BFAB-73D4-4255-A33D-1016965C00F9",
"versionEndExcluding": "24.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA Container Toolkit and NVIDIA GPU Operator for Linux contain a UNIX vulnerability where a specially crafted container image can lead to the creation of unauthorized files on the host. The name and location of the files cannot be controlled by an attacker. A successful exploit of this vulnerability might lead to data tampering."
},
{
"lang": "es",
"value": " NVIDIA Container Toolkit y NVIDIA GPU Operator para Linux contienen una vulnerabilidad de UNIX en la que una imagen de contenedor especialmente manipulada puede provocar la creaci\u00f3n de archivos no autorizados en el host. El nombre y la ubicaci\u00f3n de los archivos no pueden ser controlados por un atacante. Una explotaci\u00f3n exitosa de esta vulnerabilidad podr\u00eda provocar la manipulaci\u00f3n de datos."
}
],
"id": "CVE-2024-0134",
"lastModified": "2024-11-08T15:53:40.200",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 1.4,
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-11-05T19:15:05.203",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5585"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-61"
}
],
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GSD-2024-0134
Vulnerability from gsd - Updated: 2023-12-13 01:21Details
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2024-0134",
"id": "GSD-2024-0134"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2024-0134"
],
"id": "GSD-2024-0134",
"modified": "2023-12-13T01:21:42.528455Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2024-0134",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
}
}
MSRC_CVE-2024-0134
Vulnerability from csaf_microsoft - Published: 2024-11-02 00:00 - Updated: 2024-12-12 00:00Summary
NVIDIA Container Toolkit and NVIDIA GPU Operator for Linux contain a UNIX vulnerability where a specially crafted container image can lead to the creation of unauthorized files on the host.
Notes
Additional Resources
To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer
The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2024-0134 NVIDIA Container Toolkit and NVIDIA GPU Operator for Linux contain a UNIX vulnerability where a specially crafted container image can lead to the creation of unauthorized files on the host. - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2024/msrc_cve-2024-0134.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "NVIDIA Container Toolkit and NVIDIA GPU Operator for Linux contain a UNIX vulnerability where a specially crafted container image can lead to the creation of unauthorized files on the host.",
"tracking": {
"current_release_date": "2024-12-12T00:00:00.000Z",
"generator": {
"date": "2025-10-20T02:32:18.841Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2024-0134",
"initial_release_date": "2024-11-02T00:00:00.000Z",
"revision_history": [
{
"date": "2024-12-07T00:00:00.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2024-12-12T00:00:00.000Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Added nvidia-container-toolkit to CBL-Mariner 2.0\nAdded nvidia-container-toolkit to Azure Linux 3.0"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "2.0",
"product": {
"name": "CBL Mariner 2.0",
"product_id": "17086"
}
},
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "17084"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003ccbl2 nvidia-container-toolkit 1.17.1-1",
"product": {
"name": "\u003ccbl2 nvidia-container-toolkit 1.17.1-1",
"product_id": "4"
}
},
{
"category": "product_version",
"name": "cbl2 nvidia-container-toolkit 1.17.1-1",
"product": {
"name": "cbl2 nvidia-container-toolkit 1.17.1-1",
"product_id": "17186"
}
},
{
"category": "product_version_range",
"name": "\u003cazl3 nvidia-container-toolkit 1.17.1-1",
"product": {
"name": "\u003cazl3 nvidia-container-toolkit 1.17.1-1",
"product_id": "3"
}
},
{
"category": "product_version",
"name": "azl3 nvidia-container-toolkit 1.17.1-1",
"product": {
"name": "azl3 nvidia-container-toolkit 1.17.1-1",
"product_id": "17576"
}
},
{
"category": "product_version_range",
"name": "\u003cazl3 nvidia-container-toolkit 1.16.2-1",
"product": {
"name": "\u003cazl3 nvidia-container-toolkit 1.16.2-1",
"product_id": "2"
}
},
{
"category": "product_version",
"name": "azl3 nvidia-container-toolkit 1.16.2-1",
"product": {
"name": "azl3 nvidia-container-toolkit 1.16.2-1",
"product_id": "17611"
}
},
{
"category": "product_version_range",
"name": "\u003ccbl2 nvidia-container-toolkit 1.16.2-1",
"product": {
"name": "\u003ccbl2 nvidia-container-toolkit 1.16.2-1",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "cbl2 nvidia-container-toolkit 1.16.2-1",
"product": {
"name": "cbl2 nvidia-container-toolkit 1.16.2-1",
"product_id": "19862"
}
}
],
"category": "product_name",
"name": "nvidia-container-toolkit"
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 nvidia-container-toolkit 1.17.1-1 as a component of CBL Mariner 2.0",
"product_id": "17086-4"
},
"product_reference": "4",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 nvidia-container-toolkit 1.17.1-1 as a component of CBL Mariner 2.0",
"product_id": "17186-17086"
},
"product_reference": "17186",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 nvidia-container-toolkit 1.17.1-1 as a component of Azure Linux 3.0",
"product_id": "17084-3"
},
"product_reference": "3",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 nvidia-container-toolkit 1.17.1-1 as a component of Azure Linux 3.0",
"product_id": "17576-17084"
},
"product_reference": "17576",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 nvidia-container-toolkit 1.16.2-1 as a component of Azure Linux 3.0",
"product_id": "17084-2"
},
"product_reference": "2",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 nvidia-container-toolkit 1.16.2-1 as a component of Azure Linux 3.0",
"product_id": "17611-17084"
},
"product_reference": "17611",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 nvidia-container-toolkit 1.16.2-1 as a component of CBL Mariner 2.0",
"product_id": "17086-1"
},
"product_reference": "1",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 nvidia-container-toolkit 1.16.2-1 as a component of CBL Mariner 2.0",
"product_id": "19862-17086"
},
"product_reference": "19862",
"relates_to_product_reference": "17086"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-0134",
"cwe": {
"id": "CWE-61",
"name": "UNIX Symbolic Link (Symlink) Following"
},
"notes": [
{
"category": "general",
"text": "nvidia",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"17186-17086",
"17576-17084",
"17611-17084",
"19862-17086"
],
"known_affected": [
"17086-4",
"17084-3",
"17084-2",
"17086-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-0134 NVIDIA Container Toolkit and NVIDIA GPU Operator for Linux contain a UNIX vulnerability where a specially crafted container image can lead to the creation of unauthorized files on the host. - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2024/msrc_cve-2024-0134.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2024-12-07T00:00:00.000Z",
"details": "1.17.1-1:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-4",
"17084-3",
"17084-2",
"17086-1"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalsScore": 0.0,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"temporalScore": 4.1,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"17086-4",
"17084-3",
"17084-2",
"17086-1"
]
}
],
"title": "NVIDIA Container Toolkit and NVIDIA GPU Operator for Linux contain a UNIX vulnerability where a specially crafted container image can lead to the creation of unauthorized files on the host."
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…