CVE-2025-23266
Description
NVIDIA Container Toolkit for all platforms contains a vulnerability in some hooks used to initialize the container, where an attacker could execute arbitrary code with elevated permissions. A successful exploit of this vulnerability might lead to escalation of privileges, data tampering, information disclosure, and denial of service.
Risk Information
Base Score
9.0
MODERATE
Vector
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.058
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| (RHSA-2025:13673)Important: security update RHSA-2025:13673 toolbox-tests-0.2-1.el9_6.x86_64.rpm | Linux |
| (RHSA-2025:13673)Important: security update RHSA-2025:13673 toolbox-0.2-1.el9_6.x86_64.rpm | Linux |
| (RHSA-2025:13674)Important: security update RHSA-2025:13674 toolbox-0.2-1.el10_0.x86_64.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234