Recent research from Trend Micro, reported by Hackread, has revealed critical vulnerabilities stemming from an incomplete patch issued by NVIDIA for its Container Toolkit, along with a separate flaw in Docker. These issues expose containerized environments to container escape and denial-of-service (DoS) attacks, risks that could severely impact organizations running AI workloads or cloud infrastructure.
At the center of the concern is CVE-2024-0132, a time-of-check time-of-use (TOCTOU) flaw that remains exploitable even after a September 2024 update. If a certain feature is enabled, attackers can exploit this weakness to escape the container and access the host file system. This could allow malicious actors to interfere with sensitive host operations or compromise AI models stored within the environment.
In parallel, a separate vulnerability in Docker’s mount handling mechanism on Linux introduces a denial-of-service risk. When containers stop, Docker fails to clean up mount connections, causing an unchecked expansion of the mount table. This behavior eventually consumes all available file descriptors, disrupting container operations and potentially halting key services.
To reduce risk, Trend Micro advises organizations to apply updates, disable non-essential features, and regularly audit container-host interactions. In environments where AI models and high-performance computing are in play, these safeguards are especially critical. As proof-of-concept exploits are already circulating, timely action could make the difference between a secure deployment and a compromised system.
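One way to audit a host for the mount-table growth and file-descriptor pressure described above is to compare snapshots of `/proc/self/mountinfo` and read `/proc/sys/fs/file-nr`. This is an added example, not code from Trend Micro, Docker or NVIDIA; the function names, the alert threshold and the sample mount lines (overlay entries chosen only for illustration) are assumptions constructed for this sketch.

```python
"""Compare two Linux mount-table snapshots and report growth (added example)."""
from collections import Counter

def parse_mountinfo(text):
    """Yield (mount_point, fs_type, source) per /proc/<pid>/mountinfo line."""
    for line in text.splitlines():
        fields = line.split()
        if "-" not in fields:
            continue                      # blank or malformed line
        sep = fields.index("-")           # lone "-" ends the optional fields
        if sep < 6 or len(fields) < sep + 3:
            continue
        yield fields[4], fields[sep + 1], fields[sep + 2]

def mount_growth(baseline, current, limit=100):
    """Count entries present in `current` but not in `baseline`.

    `limit` is an assumed threshold; tune it to the host's normal churn.
    """
    added = Counter(parse_mountinfo(current)) - Counter(parse_mountinfo(baseline))
    by_fs = Counter()
    for (_mount_point, fs_type, _source), n in added.items():
        by_fs[fs_type] += n
    total = sum(added.values())
    return {"added": total, "by_fstype": dict(by_fs), "alert": total > limit}

def fd_usage(file_nr_text):
    """Fraction of system file handles in use, from /proc/sys/fs/file-nr."""
    allocated, _unused, maximum = (int(x) for x in file_nr_text.split())
    return allocated / maximum

# Constructed sample data: a small baseline, then 150 leftover entries.
BASELINE = "\n".join([
    "22 1 8:1 / / rw,relatime shared:1 - ext4 /dev/sda1 rw",
    "23 22 0:21 / /proc rw,nosuid shared:2 - proc proc rw",
])
CURRENT = BASELINE + "\n" + "\n".join(
    f"{100 + i} 22 0:{50 + i} / /var/lib/docker/overlay2/sample{i}/merged "
    f"rw,relatime shared:{10 + i} - overlay overlay rw"
    for i in range(150)
)

if __name__ == "__main__":
    print(mount_growth(BASELINE, CURRENT))
    print(f"fd usage: {fd_usage('7500 0 10000'):.0%}")  # constructed file-nr
```

On a live host, pass the contents of `/proc/self/mountinfo` captured before and after a batch of containers has stopped; entries that persist with no running container behind them are the ones to investigate.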