NVIDIA Container Toolkit for Linux Time-of-Check Time-of-Use vulnerability (CVE-2025-23359)
CVE number = CVE-2025-23359
NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use (TOCTOU) vulnerability when used with default configuration, where a crafted container image could gain access to the host file system.
A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
The following table lists the software products and versions affected, and the updated version available from nvidia.com that includes this security update.
To protect your system, install the software update as described in the installation section of the NVIDIA Container Toolkit documentation and the NVIDIA GPU Operator documentation.
| CVE IDs Addressed | Affected Products | Platform or OS | Affected Versions | Updated Version |
|---|---|---|---|---|
| CVE‑2025-23359 | NVIDIA Container Toolkit | Linux | All versions up to and including 1.17.3 | 1.17.4 |
| NVIDIA GPU Operator | Linux | All versions up to and including 24.9.1 | 24.9.2 |
Further information – https://nvidia.custhelp.com/app/answers/detail/a_id/5616
Blogger at www.systemtek.co.uk