- • A critical vulnerability in the NVIDIA Container Toolkit, CVE-2025-23266 (NVIDIAScape), allows container escape and root access on host systems, rated 9.0 on the CVSS scale.
- • The flaw affects all NVIDIA Container Toolkit versions up to 1.17.7 and NVIDIA GPU Operator versions up to 25.3.1, posing a significant risk to multi-tenant AI cloud services.
- • Exploits leveraging this vulnerability have been released, increasing the urgency for organizations to address the issue immediately.
- • Immediate action required: upgrade to NVIDIA Container Toolkit version 1.17.8 or later and NVIDIA GPU Operator version 25.3.2 or later to mitigate risks.
- • The vulnerability stems from misconfigurations in OCI hook handling, emphasizing the need for proper configuration management in containerized environments.
A severe vulnerability, CVE-2025-23266, has been identified in the NVIDIA Container Toolkit, allowing malicious containers to escape isolation and gain root access to host systems. This flaw affects versions up to 1.17.7 of the toolkit and 25.3.1 of the GPU Operator, posing serious risks to shared AI cloud services. Organizations must immediately upgrade to versions 1.17.8 and 25.3.2, respectively, to mitigate potential exploits, which have already been released. Security teams should also review container configurations and monitor for any unauthorized access attempts to safeguard sensitive data across multi-tenant environments.