Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-23359 (GCVE-0-2025-23359)
Vulnerability from cvelistv5 – Published: 2025-02-12 00:52 – Updated: 2025-04-11 13:24
VLAI?
EPSS
Summary
NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use (TOCTOU) vulnerability when used with default configuration, where a crafted container image could gain access to the host file system. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
Severity ?
8.3 (High)
CWE
- CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| NVIDIA | Container Toolkit |
Affected:
All versions up to and including 1.17.3
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-23359",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-11T13:20:19.602945Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-11T13:24:14.643Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"media-coverage",
"exploit"
],
"url": "https://thehackernews.com/2025/04/incomplete-patch-in-nvidia-toolkit.html"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux"
],
"product": "Container Toolkit",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions up to and including 1.17.3"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux"
],
"product": "GPU Operator",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions up to and including 24.9.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use (TOCTOU) vulnerability when used with default configuration, where a crafted container image could gain access to the host file system. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.\u003c/span\u003e"
}
],
"value": "NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use (TOCTOU) vulnerability when used with default configuration, where a crafted container image could gain access to the host file system. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Code execution, denial of service, escalation of privileges, information disclosure, data tampering"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-367",
"description": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T00:52:43.646Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5616"
}
],
"source": {
"discovery": "UNKNOWN"
},
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eThis vulnerability does not impact use cases where CDI is used.\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003eThe fix for this vulnerability changes the default behavior of the NVIDIA Container Toolkit. By default the NVIDIA CUDA compatibility libraries from /usr/local/cuda/compat in the container are no longer mounted to the default library path in the container being run. This may affect certain applications that depend on this behavior.\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003eA feature flag, allow-cuda-compat-libs-from-container was included in the NVIDIA Container Toolkit to allow users to opt-in to the previous behavior if required.\u003cbr\u003eWarning: Opting-in to the previous behavior will remove protection against this vulnerability and is not recommended.\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003eTo set the feature flag ensure that the NVIDIA Container Toolkit config file at /etc/nvidia-container-runtime/config.toml includes:\u003cbr\u003e\u003cbr\u003e[features]\u003cbr\u003e\u0026nbsp; allow-cuda-compat-libs-from-container = true\u003c/div\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\u003cdiv\u003eSetting the value above to false or removing the config file entry will disable the feature.\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003eIn the case of the NVIDIA GPU Operator the feature flag can be set by including the following in the NVIDIA GPU Operator helm install command:\u003c/div\u003e\u003cdiv\u003e--set \"toolkit.env[0].name=NVIDIA_CONTAINER_TOOLKIT_OPT_IN_FEATURES\" --set \"toolkit.env[0].value=allow-cuda-compat-libs-from-container\"\u003c/div\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cdiv\u003eFor users who know that their application needs CUDA Forward Compatibility the following workaround can be used:\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003eSetting the LD_LIBRARY_PATH environment variable to include /usr/local/cuda/compat\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003eThis may cause portability issues for some containers when running across multiple driver versions \u2013 especially when these are more recent than the compatibility libraries in the container.\u003c/div\u003e\n\n\u003cbr\u003e"
}
],
"value": "This vulnerability does not impact use cases where CDI is used.\n\n\nThe fix for this vulnerability changes the default behavior of the NVIDIA Container Toolkit. By default the NVIDIA CUDA compatibility libraries from /usr/local/cuda/compat in the container are no longer mounted to the default library path in the container being run. This may affect certain applications that depend on this behavior.\n\n\nA feature flag, allow-cuda-compat-libs-from-container was included in the NVIDIA Container Toolkit to allow users to opt-in to the previous behavior if required.\nWarning: Opting-in to the previous behavior will remove protection against this vulnerability and is not recommended.\n\n\nTo set the feature flag ensure that the NVIDIA Container Toolkit config file at /etc/nvidia-container-runtime/config.toml includes:\n\n[features]\n\u00a0 allow-cuda-compat-libs-from-container = true\n\n\u00a0Setting the value above to false or removing the config file entry will disable the feature.\n\n\nIn the case of the NVIDIA GPU Operator the feature flag can be set by including the following in the NVIDIA GPU Operator helm install command:\n\n--set \"toolkit.env[0].name=NVIDIA_CONTAINER_TOOLKIT_OPT_IN_FEATURES\" --set \"toolkit.env[0].value=allow-cuda-compat-libs-from-container\"\n\n\u00a0\n\nFor users who know that their application needs CUDA Forward Compatibility the following workaround can be used:\n\n\nSetting the LD_LIBRARY_PATH environment variable to include /usr/local/cuda/compat\n\n\nThis may cause portability issues for some containers when running across multiple driver versions \u2013 especially when these are more recent than the compatibility libraries in the container."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2025-23359",
"datePublished": "2025-02-12T00:52:43.646Z",
"dateReserved": "2025-01-14T01:07:26.681Z",
"dateUpdated": "2025-04-11T13:24:14.643Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-23359\",\"sourceIdentifier\":\"psirt@nvidia.com\",\"published\":\"2025-02-12T01:15:09.230\",\"lastModified\":\"2025-09-25T13:50:04.687\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use (TOCTOU) vulnerability when used with default configuration, where a crafted container image could gain access to the host file system. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.\"},{\"lang\":\"es\",\"value\":\"NVIDIA Container Toolkit para Linux contiene una vulnerabilidad de tipo Time-of-Check Time-of-Use (TOCTOU) cuando se utiliza con la configuraci\u00f3n predeterminada, donde una imagen de contenedor manipulado podr\u00eda obtener acceso al archivo host sistema. Una explotaci\u00f3n exitosa de esta vulnerabilidad podr\u00eda provocar la ejecuci\u00f3n de c\u00f3digo, la denegaci\u00f3n de servicio, la escalada de privilegios, la divulgaci\u00f3n de informaci\u00f3n y la manipulaci\u00f3n de datos.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@nvidia.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H\",\"baseScore\":8.3,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.6,\"impactScore\":6.0},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.2,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"psirt@nvidia.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-367\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nvidia:nvidia_container_toolkit:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.17.4\",\"matchCriteriaId\":\"A771528B-FD02-4B98-BA64-BFAEA7BF71F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nvidia:nvidia_gpu_operator:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"24.9.2\",\"matchCriteriaId\":\"FC194752-D788-4CCC-A4D2-01EB74232EE9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1\"}]}]}],\"references\":[{\"url\":\"https://nvidia.custhelp.com/app/answers/detail/a_id/5616\",\"source\":\"psirt@nvidia.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://thehackernews.com/2025/04/incomplete-patch-in-nvidia-toolkit.html\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"Exploit\",\"Press/Media Coverage\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-23359\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-11T13:20:19.602945Z\"}}}], \"references\": [{\"url\": \"https://thehackernews.com/2025/04/incomplete-patch-in-nvidia-toolkit.html\", \"tags\": [\"media-coverage\", \"exploit\"]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-12T15:59:37.487Z\"}}], \"cna\": {\"source\": {\"discovery\": \"UNKNOWN\"}, \"impacts\": [{\"descriptions\": [{\"lang\": \"en\", \"value\": \"Code execution, denial of service, escalation of privileges, information disclosure, data tampering\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 8.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"NVIDIA\", \"product\": \"Container Toolkit\", \"versions\": [{\"status\": \"affected\", \"version\": \"All versions up to and including 1.17.3\"}], \"platforms\": [\"Linux\"], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"NVIDIA\", \"product\": \"GPU Operator\", \"versions\": [{\"status\": \"affected\", \"version\": \"All versions up to and including 24.9.1\"}], \"platforms\": [\"Linux\"], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://nvidia.custhelp.com/app/answers/detail/a_id/5616\"}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"This vulnerability does not impact use cases where CDI is used.\\n\\n\\nThe fix for this vulnerability changes the default behavior of the NVIDIA Container Toolkit. By default the NVIDIA CUDA compatibility libraries from /usr/local/cuda/compat in the container are no longer mounted to the default library path in the container being run. This may affect certain applications that depend on this behavior.\\n\\n\\nA feature flag, allow-cuda-compat-libs-from-container was included in the NVIDIA Container Toolkit to allow users to opt-in to the previous behavior if required.\\nWarning: Opting-in to the previous behavior will remove protection against this vulnerability and is not recommended.\\n\\n\\nTo set the feature flag ensure that the NVIDIA Container Toolkit config file at /etc/nvidia-container-runtime/config.toml includes:\\n\\n[features]\\n\\u00a0 allow-cuda-compat-libs-from-container = true\\n\\n\\u00a0Setting the value above to false or removing the config file entry will disable the feature.\\n\\n\\nIn the case of the NVIDIA GPU Operator the feature flag can be set by including the following in the NVIDIA GPU Operator helm install command:\\n\\n--set \\\"toolkit.env[0].name=NVIDIA_CONTAINER_TOOLKIT_OPT_IN_FEATURES\\\" --set \\\"toolkit.env[0].value=allow-cuda-compat-libs-from-container\\\"\\n\\n\\u00a0\\n\\nFor users who know that their application needs CUDA Forward Compatibility the following workaround can be used:\\n\\n\\nSetting the LD_LIBRARY_PATH environment variable to include /usr/local/cuda/compat\\n\\n\\nThis may cause portability issues for some containers when running across multiple driver versions \\u2013 especially when these are more recent than the compatibility libraries in the container.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cdiv\u003eThis vulnerability does not impact use cases where CDI is used.\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003eThe fix for this vulnerability changes the default behavior of the NVIDIA Container Toolkit. By default the NVIDIA CUDA compatibility libraries from /usr/local/cuda/compat in the container are no longer mounted to the default library path in the container being run. This may affect certain applications that depend on this behavior.\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003eA feature flag, allow-cuda-compat-libs-from-container was included in the NVIDIA Container Toolkit to allow users to opt-in to the previous behavior if required.\u003cbr\u003eWarning: Opting-in to the previous behavior will remove protection against this vulnerability and is not recommended.\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003eTo set the feature flag ensure that the NVIDIA Container Toolkit config file at /etc/nvidia-container-runtime/config.toml includes:\u003cbr\u003e\u003cbr\u003e[features]\u003cbr\u003e\u0026nbsp; allow-cuda-compat-libs-from-container = true\u003c/div\u003e\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003e\u0026nbsp;\u003c/span\u003e\u003cdiv\u003eSetting the value above to false or removing the config file entry will disable the feature.\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003eIn the case of the NVIDIA GPU Operator the feature flag can be set by including the following in the NVIDIA GPU Operator helm install command:\u003c/div\u003e\u003cdiv\u003e--set \\\"toolkit.env[0].name=NVIDIA_CONTAINER_TOOLKIT_OPT_IN_FEATURES\\\" --set \\\"toolkit.env[0].value=allow-cuda-compat-libs-from-container\\\"\u003c/div\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cdiv\u003eFor users who know that their application needs CUDA Forward Compatibility the following workaround can be used:\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003eSetting the LD_LIBRARY_PATH environment variable to include /usr/local/cuda/compat\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003eThis may cause portability issues for some containers when running across multiple driver versions \\u2013 especially when these are more recent than the compatibility libraries in the container.\u003c/div\u003e\\n\\n\u003cbr\u003e\", \"base64\": false}]}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use (TOCTOU) vulnerability when used with default configuration, where a crafted container image could gain access to the host file system. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003eNVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use (TOCTOU) vulnerability when used with default configuration, where a crafted container image could gain access to the host file system. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.\u003c/span\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-367\", \"description\": \"CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition\"}]}], \"providerMetadata\": {\"orgId\": \"9576f279-3576-44b5-a4af-b9a8644b2de6\", \"shortName\": \"nvidia\", \"dateUpdated\": \"2025-02-12T00:52:43.646Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-23359\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-04-11T13:24:14.643Z\", \"dateReserved\": \"2025-01-14T01:07:26.681Z\", \"assignerOrgId\": \"9576f279-3576-44b5-a4af-b9a8644b2de6\", \"datePublished\": \"2025-02-12T00:52:43.646Z\", \"assignerShortName\": \"nvidia\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
FKIE_CVE-2025-23359
Vulnerability from fkie_nvd - Published: 2025-02-12 01:15 - Updated: 2025-09-25 13:50
Severity ?
8.3 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use (TOCTOU) vulnerability when used with default configuration, where a crafted container image could gain access to the host file system. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
References
| URL | Tags | ||
|---|---|---|---|
| psirt@nvidia.com | https://nvidia.custhelp.com/app/answers/detail/a_id/5616 | Vendor Advisory | |
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | https://thehackernews.com/2025/04/incomplete-patch-in-nvidia-toolkit.html | Exploit, Press/Media Coverage |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | nvidia_container_toolkit | * | |
| nvidia | nvidia_gpu_operator | * | |
| linux | linux_kernel | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:nvidia_container_toolkit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A771528B-FD02-4B98-BA64-BFAEA7BF71F4",
"versionEndExcluding": "1.17.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nvidia:nvidia_gpu_operator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC194752-D788-4CCC-A4D2-01EB74232EE9",
"versionEndExcluding": "24.9.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use (TOCTOU) vulnerability when used with default configuration, where a crafted container image could gain access to the host file system. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering."
},
{
"lang": "es",
"value": "NVIDIA Container Toolkit para Linux contiene una vulnerabilidad de tipo Time-of-Check Time-of-Use (TOCTOU) cuando se utiliza con la configuraci\u00f3n predeterminada, donde una imagen de contenedor manipulado podr\u00eda obtener acceso al archivo host sistema. Una explotaci\u00f3n exitosa de esta vulnerabilidad podr\u00eda provocar la ejecuci\u00f3n de c\u00f3digo, la denegaci\u00f3n de servicio, la escalada de privilegios, la divulgaci\u00f3n de informaci\u00f3n y la manipulaci\u00f3n de datos."
}
],
"id": "CVE-2025-23359",
"lastModified": "2025-09-25T13:50:04.687",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 6.0,
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-02-12T01:15:09.230",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5616"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Press/Media Coverage"
],
"url": "https://thehackernews.com/2025/04/incomplete-patch-in-nvidia-toolkit.html"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-367"
}
],
"source": "psirt@nvidia.com",
"type": "Secondary"
}
]
}
MSRC_CVE-2025-23359
Vulnerability from csaf_microsoft - Published: 2025-02-02 00:00 - Updated: 2025-03-14 00:00Summary
NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use (TOCTOU) vulnerability when used with default configuration, where a crafted container image could gain access to the host file system. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
Notes
Additional Resources
To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer
The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2025-23359 NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use (TOCTOU) vulnerability when used with default configuration, where a crafted container image could gain access to the host file system. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2025/msrc_cve-2025-23359.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use (TOCTOU) vulnerability when used with default configuration, where a crafted container image could gain access to the host file system. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.",
"tracking": {
"current_release_date": "2025-03-14T00:00:00.000Z",
"generator": {
"date": "2025-10-20T02:58:29.040Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2025-23359",
"initial_release_date": "2025-02-02T00:00:00.000Z",
"revision_history": [
{
"date": "2025-02-23T00:00:00.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2025-03-14T00:00:00.000Z",
"legacy_version": "2",
"number": "2",
"summary": "Information published."
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "2.0",
"product": {
"name": "CBL Mariner 2.0",
"product_id": "17086"
}
},
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "17084"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003ccbl2 nvidia-container-toolkit 1.17.3-1",
"product": {
"name": "\u003ccbl2 nvidia-container-toolkit 1.17.3-1",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "cbl2 nvidia-container-toolkit 1.17.3-1",
"product": {
"name": "cbl2 nvidia-container-toolkit 1.17.3-1",
"product_id": "20156"
}
},
{
"category": "product_version_range",
"name": "\u003ccbl2 nvidia-container-toolkit 1.17.4-1",
"product": {
"name": "\u003ccbl2 nvidia-container-toolkit 1.17.4-1",
"product_id": "4"
}
},
{
"category": "product_version",
"name": "cbl2 nvidia-container-toolkit 1.17.4-1",
"product": {
"name": "cbl2 nvidia-container-toolkit 1.17.4-1",
"product_id": "19356"
}
},
{
"category": "product_version_range",
"name": "\u003cazl3 nvidia-container-toolkit 1.17.4-1",
"product": {
"name": "\u003cazl3 nvidia-container-toolkit 1.17.4-1",
"product_id": "3"
}
},
{
"category": "product_version",
"name": "azl3 nvidia-container-toolkit 1.17.4-1",
"product": {
"name": "azl3 nvidia-container-toolkit 1.17.4-1",
"product_id": "19357"
}
},
{
"category": "product_version_range",
"name": "\u003cazl3 nvidia-container-toolkit 1.17.3-1",
"product": {
"name": "\u003cazl3 nvidia-container-toolkit 1.17.3-1",
"product_id": "2"
}
},
{
"category": "product_version",
"name": "azl3 nvidia-container-toolkit 1.17.3-1",
"product": {
"name": "azl3 nvidia-container-toolkit 1.17.3-1",
"product_id": "20151"
}
}
],
"category": "product_name",
"name": "nvidia-container-toolkit"
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 nvidia-container-toolkit 1.17.3-1 as a component of CBL Mariner 2.0",
"product_id": "17086-1"
},
"product_reference": "1",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 nvidia-container-toolkit 1.17.3-1 as a component of CBL Mariner 2.0",
"product_id": "20156-17086"
},
"product_reference": "20156",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 nvidia-container-toolkit 1.17.4-1 as a component of CBL Mariner 2.0",
"product_id": "17086-4"
},
"product_reference": "4",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 nvidia-container-toolkit 1.17.4-1 as a component of CBL Mariner 2.0",
"product_id": "19356-17086"
},
"product_reference": "19356",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 nvidia-container-toolkit 1.17.4-1 as a component of Azure Linux 3.0",
"product_id": "17084-3"
},
"product_reference": "3",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 nvidia-container-toolkit 1.17.4-1 as a component of Azure Linux 3.0",
"product_id": "19357-17084"
},
"product_reference": "19357",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 nvidia-container-toolkit 1.17.3-1 as a component of Azure Linux 3.0",
"product_id": "17084-2"
},
"product_reference": "2",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 nvidia-container-toolkit 1.17.3-1 as a component of Azure Linux 3.0",
"product_id": "20151-17084"
},
"product_reference": "20151",
"relates_to_product_reference": "17084"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-23359",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"notes": [
{
"category": "general",
"text": "nvidia",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"20156-17086",
"19356-17086",
"19357-17084",
"20151-17084"
],
"known_affected": [
"17086-1",
"17086-4",
"17084-3",
"17084-2"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-23359 NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use (TOCTOU) vulnerability when used with default configuration, where a crafted container image could gain access to the host file system. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2025/msrc_cve-2025-23359.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-23T00:00:00.000Z",
"details": "1.17.4-1:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-1",
"17086-4",
"17084-3",
"17084-2"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalsScore": 0.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"temporalScore": 8.3,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"17086-1",
"17086-4",
"17084-3",
"17084-2"
]
}
],
"title": "NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use (TOCTOU) vulnerability when used with default configuration, where a crafted container image could gain access to the host file system. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering."
}
]
}
SUSE-SU-2025:4187-1
Vulnerability from csaf_suse - Published: 2025-11-24 07:58 - Updated: 2025-11-24 07:58Summary
Security update for nvidia-container-toolkit
Notes
Title of the patch
Security update for nvidia-container-toolkit
Description of the patch
This update for nvidia-container-toolkit fixes the following issues:
- Update to version 1.18.0:
- This is a major release and includes the following high-level changes:
- The default mode of the NVIDIA Container Runtime has been updated to make use
of a just-in-time-generated CDI specification instead of defaulting to the legacy mode.
- Added a systemd unit to generate CDI specifications for available devices automatically. This allows
native CDI support in container engines such as Docker and Podman to be used without additional steps.
- Security issues fixed:
- CVE-2024-0133: Fixed data tampering in host file system via specially
crafted container image (bsc#1231032)
- CVE-2024-0132: Fixed time-of-check time-of-use (TOCTOU) race condition
in default configuration via specifically crafted container image
(bsc#1231033)
- CVE-2024-0134: Fixed specially-crafted container image can lead to
the creation of unauthorized files on the host (bsc#1232855)
- CVE-2024-0135: Fixed Improper Isolation or Compartmentalization in
NVIDIA Container Toolkit (bsc#1236496)
- CVE-2024-0136: Fixed Improper Isolation or Compartmentalization in
NVIDIA Container Toolkit (bsc#1236497)
- CVE-2024-0137: Fixed Improper Isolation or Compartmentalization in
NVIDIA Container Toolkit (bsc#1236498)
- CVE-2025-23359: Fixed TOCTOU Vulnerability in NVIDIA Container Toolkit
(bsc#1237085)
- CVE-2025-23267: Fixed link following can lead to container escape
(bsc#1246614)
- CVE-2025-23266: Fixed hook initialization might lead to escalation
of privileges (bsc#1246860)
Patchnames
SUSE-2025-4187,SUSE-SLE-Module-Containers-15-SP6-2025-4187,SUSE-SLE-Module-Containers-15-SP7-2025-4187,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-4187,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-4187,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-4187,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-4187,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-4187,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-4187,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-4187,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-4187,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-4187,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-4187,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-4187,SUSE-Storage-7.1-2025-4187,openSUSE-SLE-15.6-2025-4187
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for nvidia-container-toolkit",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for nvidia-container-toolkit fixes the following issues:\n\n- Update to version 1.18.0:\n - This is a major release and includes the following high-level changes:\n - The default mode of the NVIDIA Container Runtime has been updated to make use\n of a just-in-time-generated CDI specification instead of defaulting to the legacy mode.\n - Added a systemd unit to generate CDI specifications for available devices automatically. This allows\n native CDI support in container engines such as Docker and Podman to be used without additional steps.\n \n- Security issues fixed:\n - CVE-2024-0133: Fixed data tampering in host file system via specially\n crafted container image (bsc#1231032)\n - CVE-2024-0132: Fixed time-of-check time-of-use (TOCTOU) race condition\n in default configuration via specifically crafted container image\n (bsc#1231033)\n - CVE-2024-0134: Fixed specially-crafted container image can lead to\n the creation of unauthorized files on the host (bsc#1232855)\n - CVE-2024-0135: Fixed Improper Isolation or Compartmentalization in\n NVIDIA Container Toolkit (bsc#1236496)\n - CVE-2024-0136: Fixed Improper Isolation or Compartmentalization in\n NVIDIA Container Toolkit (bsc#1236497)\n - CVE-2024-0137: Fixed Improper Isolation or Compartmentalization in\n NVIDIA Container Toolkit (bsc#1236498)\n - CVE-2025-23359: Fixed TOCTOU Vulnerability in NVIDIA Container Toolkit\n (bsc#1237085)\n - CVE-2025-23267: Fixed link following can lead to container escape\n (bsc#1246614)\n - CVE-2025-23266: Fixed hook initialization might lead to escalation\n of privileges (bsc#1246860)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-4187,SUSE-SLE-Module-Containers-15-SP6-2025-4187,SUSE-SLE-Module-Containers-15-SP7-2025-4187,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-4187,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-4187,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-4187,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-4187,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-4187,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-4187,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-4187,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-4187,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-4187,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-4187,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-4187,SUSE-Storage-7.1-2025-4187,openSUSE-SLE-15.6-2025-4187",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_4187-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:4187-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20254187-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:4187-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023342.html"
},
{
"category": "self",
"summary": "SUSE Bug 1231032",
"url": "https://bugzilla.suse.com/1231032"
},
{
"category": "self",
"summary": "SUSE Bug 1231033",
"url": "https://bugzilla.suse.com/1231033"
},
{
"category": "self",
"summary": "SUSE Bug 1232855",
"url": "https://bugzilla.suse.com/1232855"
},
{
"category": "self",
"summary": "SUSE Bug 1236496",
"url": "https://bugzilla.suse.com/1236496"
},
{
"category": "self",
"summary": "SUSE Bug 1236497",
"url": "https://bugzilla.suse.com/1236497"
},
{
"category": "self",
"summary": "SUSE Bug 1236498",
"url": "https://bugzilla.suse.com/1236498"
},
{
"category": "self",
"summary": "SUSE Bug 1237085",
"url": "https://bugzilla.suse.com/1237085"
},
{
"category": "self",
"summary": "SUSE Bug 1246614",
"url": "https://bugzilla.suse.com/1246614"
},
{
"category": "self",
"summary": "SUSE Bug 1246860",
"url": "https://bugzilla.suse.com/1246860"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-0132 page",
"url": "https://www.suse.com/security/cve/CVE-2024-0132/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-0133 page",
"url": "https://www.suse.com/security/cve/CVE-2024-0133/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-0134 page",
"url": "https://www.suse.com/security/cve/CVE-2024-0134/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-0135 page",
"url": "https://www.suse.com/security/cve/CVE-2024-0135/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-0136 page",
"url": "https://www.suse.com/security/cve/CVE-2024-0136/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-0137 page",
"url": "https://www.suse.com/security/cve/CVE-2024-0137/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23266 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23266/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23267 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23267/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23359 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23359/"
}
],
"title": "Security update for nvidia-container-toolkit",
"tracking": {
"current_release_date": "2025-11-24T07:58:47Z",
"generator": {
"date": "2025-11-24T07:58:47Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:4187-1",
"initial_release_date": "2025-11-24T07:58:47Z",
"revision_history": [
{
"date": "2025-11-24T07:58:47Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"product": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"product_id": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"product": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"product_id": "nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"product": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"product_id": "nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"product": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"product_id": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-containers:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Containers 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-containers:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 7.1",
"product": {
"name": "SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:7.1"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
},
"product_reference": "nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-0132",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-0132"
}
],
"notes": [
{
"category": "general",
"text": "NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use (TOCTOU) vulnerability when used with default configuration where a specifically crafted container image may gain access to the host file system. This does not impact use cases where CDI is used. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-0132",
"url": "https://www.suse.com/security/cve/CVE-2024-0132"
},
{
"category": "external",
"summary": "SUSE Bug 1231033 for CVE-2024-0132",
"url": "https://bugzilla.suse.com/1231033"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-24T07:58:47Z",
"details": "important"
}
],
"title": "CVE-2024-0132"
},
{
"cve": "CVE-2024-0133",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-0133"
}
],
"notes": [
{
"category": "general",
"text": "NVIDIA Container Toolkit 1.16.1 or earlier contains a vulnerability in the default mode of operation allowing a specially crafted container image to create empty files on the host file system. This does not impact use cases where CDI is used. A successful exploit of this vulnerability may lead to data tampering.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-0133",
"url": "https://www.suse.com/security/cve/CVE-2024-0133"
},
{
"category": "external",
"summary": "SUSE Bug 1231032 for CVE-2024-0133",
"url": "https://bugzilla.suse.com/1231032"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-24T07:58:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-0133"
},
{
"cve": "CVE-2024-0134",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-0134"
}
],
"notes": [
{
"category": "general",
"text": "NVIDIA Container Toolkit and NVIDIA GPU Operator for Linux contain a UNIX vulnerability where a specially crafted container image can lead to the creation of unauthorized files on the host. The name and location of the files cannot be controlled by an attacker. A successful exploit of this vulnerability might lead to data tampering.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-0134",
"url": "https://www.suse.com/security/cve/CVE-2024-0134"
},
{
"category": "external",
"summary": "SUSE Bug 1232855 for CVE-2024-0134",
"url": "https://bugzilla.suse.com/1232855"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.6,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-24T07:58:47Z",
"details": "low"
}
],
"title": "CVE-2024-0134"
},
{
"cve": "CVE-2024-0135",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-0135"
}
],
"notes": [
{
"category": "general",
"text": "NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to modification of a host binary. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-0135",
"url": "https://www.suse.com/security/cve/CVE-2024-0135"
},
{
"category": "external",
"summary": "SUSE Bug 1236496 for CVE-2024-0135",
"url": "https://bugzilla.suse.com/1236496"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-24T07:58:47Z",
"details": "important"
}
],
"title": "CVE-2024-0135"
},
{
"cve": "CVE-2024-0136",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-0136"
}
],
"notes": [
{
"category": "general",
"text": "NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to untrusted code obtaining read and write access to host devices. This vulnerability is present only when the NVIDIA Container Toolkit is configured in a nondefault way. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-0136",
"url": "https://www.suse.com/security/cve/CVE-2024-0136"
},
{
"category": "external",
"summary": "SUSE Bug 1236497 for CVE-2024-0136",
"url": "https://bugzilla.suse.com/1236497"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-24T07:58:47Z",
"details": "important"
}
],
"title": "CVE-2024-0136"
},
{
"cve": "CVE-2024-0137",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-0137"
}
],
"notes": [
{
"category": "general",
"text": "NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to untrusted code running in the host\u0027s network namespace. This vulnerability is present only when the NVIDIA Container Toolkit is configured in a nondefault way. A successful exploit of this vulnerability may lead to denial of service and escalation of privileges.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-0137",
"url": "https://www.suse.com/security/cve/CVE-2024-0137"
},
{
"category": "external",
"summary": "SUSE Bug 1236498 for CVE-2024-0137",
"url": "https://bugzilla.suse.com/1236498"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-24T07:58:47Z",
"details": "moderate"
}
],
"title": "CVE-2024-0137"
},
{
"cve": "CVE-2025-23266",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23266"
}
],
"notes": [
{
"category": "general",
"text": "NVIDIA Container Toolkit for all platforms contains a vulnerability in some hooks used to initialize the container, where an attacker could execute arbitrary code with elevated permissions. A successful exploit of this vulnerability might lead to escalation of privileges, data tampering, information disclosure, and denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23266",
"url": "https://www.suse.com/security/cve/CVE-2025-23266"
},
{
"category": "external",
"summary": "SUSE Bug 1246860 for CVE-2025-23266",
"url": "https://bugzilla.suse.com/1246860"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-24T07:58:47Z",
"details": "critical"
}
],
"title": "CVE-2025-23266"
},
{
"cve": "CVE-2025-23267",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23267"
}
],
"notes": [
{
"category": "general",
"text": "NVIDIA Container Toolkit for all platforms contains a vulnerability in the update-ldcache hook, where an attacker could cause a link following by using a specially crafted container image. A successful exploit of this vulnerability might lead to data tampering and denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23267",
"url": "https://www.suse.com/security/cve/CVE-2025-23267"
},
{
"category": "external",
"summary": "SUSE Bug 1246614 for CVE-2025-23267",
"url": "https://bugzilla.suse.com/1246614"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-24T07:58:47Z",
"details": "important"
}
],
"title": "CVE-2025-23267"
},
{
"cve": "CVE-2025-23359",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23359"
}
],
"notes": [
{
"category": "general",
"text": "NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use (TOCTOU) vulnerability when used with default configuration, where a crafted container image could gain access to the host file system. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23359",
"url": "https://www.suse.com/security/cve/CVE-2025-23359"
},
{
"category": "external",
"summary": "SUSE Bug 1237085 for CVE-2025-23359",
"url": "https://bugzilla.suse.com/1237085"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Enterprise Storage 7.1:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP7:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.aarch64",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.ppc64le",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.s390x",
"openSUSE Leap 15.6:nvidia-container-toolkit-1.18.0-150200.5.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-24T07:58:47Z",
"details": "important"
}
],
"title": "CVE-2025-23359"
}
]
}
GHSA-4HMH-PM5P-9J7J
Vulnerability from github – Published: 2025-02-12 03:31 – Updated: 2025-04-11 15:32
VLAI?
Details
NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use (TOCTOU) vulnerability when used with default configuration, where a crafted container image could gain access to the host file system. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
Severity ?
8.3 (High)
{
"affected": [],
"aliases": [
"CVE-2025-23359"
],
"database_specific": {
"cwe_ids": [
"CWE-367"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-02-12T01:15:09Z",
"severity": "HIGH"
},
"details": "NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use (TOCTOU) vulnerability when used with default configuration, where a crafted container image could gain access to the host file system. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.",
"id": "GHSA-4hmh-pm5p-9j7j",
"modified": "2025-04-11T15:32:26Z",
"published": "2025-02-12T03:31:14Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-23359"
},
{
"type": "WEB",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5616"
},
{
"type": "WEB",
"url": "https://thehackernews.com/2025/04/incomplete-patch-in-nvidia-toolkit.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…