What is the CVSS score of CVE-2024-0135?

CVE-2024-0135 has a CVSS 3.1 base score of 7.6 (High). CVSS vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H. EPSS exploitation probability: 0.1%.

Which versions of Nvidia Container Toolkit are affected by CVE-2024-0135?

Organizations using NVIDIA Container Toolkit face notable risk from CVE-2024-0135 rated CVSS 7.6. Exploitation could compromise the security of affected deployments.. A patch is available.

How to fix or mitigate CVE-2024-0135?

Within 30 days: Identify all affected systems and apply vendor patches as part of regular patch cycle. Monitor vendor channels for patch availability.

Nvidia Container Toolkit CVE-2024-0135

HIGH

Improper Isolation or Compartmentalization (CWE-653)

2025-01-28 psirt@nvidia.com

RCE Denial Of Service Information Disclosure Red Hat Nvidia Suse Nvidia Container Toolkit Nvidia Gpu Operator

7.6

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

High

Privileges Required

High

User Interaction

Required

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Patch released

Apr 02, 2026 - 08:30 nvd

Patch available

Analysis Generated

Mar 28, 2026 - 18:06 vuln.today

CVE Published

Jan 28, 2025 - 03:15 nvd

HIGH 7.6

DescriptionNVD

NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to modification of a host binary. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.

AnalysisAI

NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to modification of a host binary. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-653. NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to modification of a host binary. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. Affected products include: Nvidia Nvidia Container Toolkit, Nvidia Nvidia Gpu Operator.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.