Now: Nvidia Flaws Expose AI Models, Critical Infrastructure Now: Nvidia Flaws Expose AI Models, Critical Infrastructure

A fix for a critical flaw in a tool allowing organizations to run GPU-accelerated containers did not fully mitigate the issue.

Elizabeth Montalbano, Dark Reading

April 22, 2025

1 Min Read
Image: Bloomberg

Researchers are urging enterprises that rely on Nvidia GPUs for their AI workloads to ensure that systems are ed against critical security vulnerabilities in an NVIDIA toolkit for running GPU-accelerated containers. If exploited, the bugs can allow attackers to gain access to sensitive data, steal proprietary AI models, or create operational disruptions.

NVIDIA released an update last September to  CVE-2024-0132, a time-of-check time-of-use (TOCTOU) vulnerability that earned a CVSS rating of 9 out of 10, in the NVIDIA Container Toolkit.

However, after closer inspection, researchers from Trend Micro and Wiz separately discovered a secondary flaw that the did not mitigate, so some users, even on ed systems, would still be at risk.

Researchers at Trend Micro flagged what they deemed this "incomplete" fix for CVE-2024-0132 in a recent blog post and wrote the related bug allows denial-of-service (DoS). This may have created confusion among those who thought their systems were protected once the initial was applied, security experts say.

Keep reading his article in Dark Reading, a Data Center Knowledge partner site

Read more about:

Dark Reading

About the Authors

Elizabeth Montalbano

Elizabeth Montalbano

See more from Elizabeth Montalbano
Dark Reading

Dark Reading

Long one of the most widely read cyber security news sites on the Web, Dark Reading, a sister site to Data Center Knowledge, is now the most trusted online community for security professionals like you. Dark Reading's community members include thought-leading security researchers, CISOs, and technology specialists, along with thousands of other security professionals.

See more from Dark Reading
Subscribe to the Data Center Knowledge Newsletter
Get analysis and expert insight on the latest in data center business and technology delivered to your inbox daily.
Newsletter Sign-Up

You May Also Like

Editor's Choice

Edged data center in Mesa, Arizona
Data Center Construction
New Data Center Developments: May 2025
New Data Center Developments: May 2025

May 6, 2025

Data Center Chips
Data Centers Face Growing Pains As AI Enters Its ‘2G Era’
Data Centers Face Growing Pains As AI Enters Its ‘2G Era’

May 5, 2025

behind-the-meter data center illustration
Energy & Power Supply
Data Centers Bypassing the Grid to Obtain the Power They Need
Data Centers Bypassing the Grid to Obtain the Power They Need

May 1, 2025

Exclusive DCK Resources
See all DCK Resources

Industry Voices

Deals
NTT Launches $16.5B Buyout of AI Arm in Streamlining Push
NTT Launches $16.5B Buyout of AI Arm in Streamlining Push

May 9, 2025

the word "value" spelled with clouds
Cloud
How to Determine Whether a Cloud Service Delivers Real Value
How to Determine Whether a Cloud Service Delivers Real Value

May 9, 2025

Subscribe to the Data Center Knowledge Newsletter
Get analysis and expert insight on the latest in data center business and technology delivered to your inbox daily.
Newsletter Sign-Up

Featured Technical Explainers

AI chip
Cloud
Cloud vs. On-Prem AI Accelerators: Choosing the Best Fit for Your AI Workloads
Cloud vs. On-Prem AI Accelerators: Choosing the Best Fit for Your AI Workloads
Data center server configuration command lines on a computer monitor.
Open Source Software
Optimize Text Search: Master the grep Command in Linux
Optimize Text Search: Master the grep Command in Linux
Data center ETF stock chart illustration
Investing
Data Center ETFs: An Introductory Guide to Boosting Your Portfolio
Data Center ETFs: An Introductory Guide to Boosting Your Portfolio