On September 26, NVIDIA released updates to address two vulnerabilities in NVIDIA Container Toolkit and GPU Operator. Wiz Research detected the issues. Both flaws are Time-of-check Time-of-Use (TOCTOU) race condition vulnerabilities. One on the flaws, CVE-2024-0132, is rated. Critical and could be exploited to achieve code execution, denial-of-service conditions, privilege elevation, information disclosure, and data tampering. The second, CVE-2024-0133, is rated medium severity and could be exploited to achieve data tampering. Ref https://www.wiz.io/blog/wiz-research-critical-nvidia-ai-vulnerability
