{"vulnerability": "CVE-2025-23359", "sightings": [{"uuid": "023d4397-ba92-48a7-83f9-ad9c67e60109", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113986946256894513", "content": "", "creation_timestamp": "2025-02-11T19:39:29.625856Z"}, {"uuid": "10a50bdf-89c5-4449-a3ab-9c04764df13c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113988200059363819", "content": "", "creation_timestamp": "2025-02-12T00:58:21.178505Z"}, {"uuid": "61f57a06-d9a8-488e-8f5e-3dfefbfd6b10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhwyrl4exz2z", "content": "", "creation_timestamp": "2025-02-12T01:15:58.918197Z"}, {"uuid": "01189268-1bec-4e65-9336-ce62abfdbad7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113988633470725836", "content": "", "creation_timestamp": "2025-02-12T02:48:34.254998Z"}, {"uuid": "cee9eb79-eff4-4eb5-b464-2a9ca13b969d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhxddbnj3f2v", "content": "", "creation_timestamp": "2025-02-12T04:24:53.470026Z"}, {"uuid": "668176d7-3469-48ee-9b20-988192868686", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3lhyikqy34q2g", "content": "", "creation_timestamp": "2025-02-12T15:31:09.669853Z"}, {"uuid": "2ab939d2-10ba-4961-b111-9ffb69a92e74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "https://thehackernews.com/2025/02/researchers-find-new-exploit-bypassing.html", "content": "", "creation_timestamp": "2025-02-12T13:04:00.000000Z"}, {"uuid": "f93ed97e-6f1d-437f-8009-acaa11fdfdec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3li5hyh6v4323", "content": "", "creation_timestamp": "2025-02-14T15:04:14.558909Z"}, {"uuid": "4a0bfbcd-390b-4ecb-8d90-c3607078f06a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "https://infosec.exchange/users/andersonc0d3/statuses/114002872744958710", "content": "", "creation_timestamp": "2025-02-14T15:09:48.241251Z"}, {"uuid": "4907f3e5-c136-40f8-9f18-69e36c609b3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "https://bsky.app/profile/andersonc0d3.bsky.social/post/3li5icrcfnc2f", "content": "", "creation_timestamp": "2025-02-14T15:10:01.593789Z"}, {"uuid": "4fa7bf4f-f064-441f-baa6-fad27f6c8439", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "https://bsky.app/profile/arty-san.bsky.social/post/3li5vu5vh2c2a", "content": "", "creation_timestamp": "2025-02-14T19:12:24.476145Z"}, {"uuid": "6de5f392-2d95-4175-a616-e290b724264a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-67efc907-5d48de1d9f6b78a7", "content": "", "creation_timestamp": "2025-07-24T20:38:54.848082Z"}, {"uuid": "6d57cf87-d051-4cb9-8a37-057abcd26a6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lnr3oinbr226", "content": "", "creation_timestamp": "2025-04-27T01:23:15.493430Z"}, {"uuid": "c267163f-b3cc-409a-8350-027b1b6c4edb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3li3hri72i226", "content": "", "creation_timestamp": "2025-02-13T19:55:02.204604Z"}, {"uuid": "304fa0e8-ecc2-4da8-9c54-44487fbbc415", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "https://threatintel.cc/2025/02/13/researchers-find-new-exploit-bypassing.html", "content": "", "creation_timestamp": "2025-02-13T12:16:18.000000Z"}, {"uuid": "7b7c25c1-90fa-4232-8dde-3c34bedf0a7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "https://bsky.app/profile/sakaijjang.bsky.social/post/3libqqxuswk22", "content": "", "creation_timestamp": "2025-02-16T07:51:52.154431Z"}, {"uuid": "18d848db-cf87-4f46-8ea9-fb85ae8e4f03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-25-087/", "content": "", "creation_timestamp": "2025-02-19T05:00:00.000000Z"}, {"uuid": "0ff215cc-564b-4f77-a73f-86388d2178ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "MISP/a1f4de80-fff0-4971-8020-da8f70ab57ea", "content": "", "creation_timestamp": "2025-09-10T07:00:38.000000Z"}, {"uuid": "c4496812-48e3-4219-946f-02f155fabe67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "https://t.me/cvedetector/17795", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23359 - NVIDIA Container Toolkit TOCTOU File System Access Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-23359 \nPublished : Feb. 12, 2025, 1:15 a.m. | 1\u00a0hour, 16\u00a0minutes ago \nDescription : NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use (TOCTOU) vulnerability when used with default configuration, where a crafted container image could gain access to the host file system. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. \nSeverity: 8.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-12T04:19:17.000000Z"}, {"uuid": "34e7375e-d8a7-424c-8d56-5b580fe946f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "MISP/a1f4de80-fff0-4971-8020-da8f70ab57ea", "content": "", "creation_timestamp": "2025-08-09T17:25:37.000000Z"}, {"uuid": "1a2d6d8c-feb2-4ca7-a0ca-092c6df63a93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "https://t.me/itsec_news/5391", "content": "\u200b\u26a1\ufe0fCVE-2025-23359: \u043d\u043e\u0432\u0430\u044f \u043b\u0430\u0437\u0435\u0439\u043a\u0430 \u0432 \u0441\u043e\u0444\u0442\u0435 Nvidia \u043f\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u0430 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432 \u043f\u043e\u0434 \u0443\u0434\u0430\u0440\n\n\ud83d\udcac \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0432 \u043e\u0431\u043b\u0430\u0441\u0442\u0438 \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043d\u043e\u0432\u044b\u0439 \u0441\u043f\u043e\u0441\u043e\u0431 \u043e\u0431\u0445\u043e\u0434\u0430 \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 NVIDIA Container Toolkit, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u044c \u0438\u0437\u043e\u043b\u044f\u0446\u0438\u044e \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430 \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u043b\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0445\u043e\u0441\u0442\u0443. \u041d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2025-23359 \u0438 \u043e\u0446\u0435\u043d\u043a\u0443 8.3 \u0431\u0430\u043b\u043b\u0430 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432:\n\nNVIDIA Container Toolkit \u2014 \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u0434\u043e 1.17.3 (\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 1.17.4)\nNVIDIA GPU Operator \u2014 \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u0434\u043e 24.9.1 (\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 24.9.2)\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f NVIDIA \u0432 \u0441\u0432\u043e\u0451\u043c \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u043c \u0443\u0432\u0435\u0434\u043e\u043c\u043b\u0435\u043d\u0438\u0438 \u0443\u043a\u0430\u0437\u0430\u043b\u0430, \u0447\u0442\u043e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e TOCTOU (Time-of-Check to Time-of-Use). \u0412 \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u043e\u0439 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0439 \u043c\u043e\u0436\u0435\u0442 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043f\u043e\u0434\u0433\u043e\u0442\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u043c \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043d\u044b\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c, \u0447\u0442\u043e\u0431\u044b \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0445\u043e\u0441\u0442\u0430. \u042d\u0442\u043e \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430, \u044d\u0441\u043a\u0430\u043b\u0430\u0446\u0438\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, \u043e\u0442\u043a\u0430\u0437\u0430 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 \u0438 \u043c\u0430\u043d\u0438\u043f\u0443\u043b\u044f\u0446\u0438\u0439 \u0441 \u0434\u0430\u043d\u043d\u044b\u043c\u0438.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Wiz, \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0437\u0438\u0440\u0443\u044e\u0449\u0430\u044f\u0441\u044f \u043d\u0430 \u043e\u0431\u043b\u0430\u0447\u043d\u043e\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0430 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0434\u0435\u0442\u0430\u043b\u0438 . \u041e\u043a\u0430\u0437\u0430\u043b\u043e\u0441\u044c, \u0447\u0442\u043e CVE-2025-23359 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043e\u0431\u0445\u043e\u0434\u043d\u044b\u043c \u043c\u0435\u0442\u043e\u0434\u043e\u043c \u0434\u043b\u044f \u0440\u0430\u043d\u0435\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2024-0132 (CVSS: 9.0), \u0437\u0430\u043a\u0440\u044b\u0442\u043e\u0439 \u0432 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u0435 2024 \u0433\u043e\u0434\u0430.\n\n\u0412 \u0445\u043e\u0434\u0435 \u0430\u0442\u0430\u043a\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0441\u043c\u043e\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043a\u043e\u0440\u043d\u0435\u0432\u0443\u044e \u0444\u0430\u0439\u043b\u043e\u0432\u0443\u044e \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0445\u043e\u0441\u0442\u0430 \u0432\u043d\u0443\u0442\u0440\u044c \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430, \u043f\u043e\u043b\u0443\u0447\u0438\u0432 \u043f\u043e\u043b\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a\u043e \u0432\u0441\u0435\u043c \u0434\u0430\u043d\u043d\u044b\u043c \u0438 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430\u043c. \u041f\u043e\u043c\u0438\u043c\u043e \u044d\u0442\u043e\u0433\u043e, \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0435 \u043e\u043a\u0440\u0443\u0436\u0435\u043d\u0438\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u044b \u0447\u0435\u0440\u0435\u0437 Unix-\u0441\u043e\u043a\u0435\u0442\u044b, \u0447\u0442\u043e \u0432\u0435\u0434\u0451\u0442 \u043a \u043f\u043e\u043b\u043d\u043e\u0439 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 \u0445\u043e\u0441\u0442\u0430.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Wiz \u0428\u0438\u0440 \u0422\u0430\u043c\u0430\u0440\u0438, \u0420\u043e\u043d\u0435\u043d \u0428\u0443\u0441\u0442\u0438\u043d \u0438 \u0410\u043d\u0434\u0440\u0435\u0441 \u0420\u0438\u0430\u043d\u0447\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438, \u0447\u0442\u043e \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c \u043c\u043e\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0444\u0430\u0439\u043b\u043e\u0432 \u0432 NVIDIA Container Toolkit \u0434\u043e\u043f\u0443\u0441\u043a\u0430\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0438\u043c\u0432\u043e\u043b\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0441\u0441\u044b\u043b\u043e\u043a. \u042d\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u0434\u043c\u0435\u043d\u044f\u0442\u044c \u043f\u0443\u0442\u0438 \u0442\u0430\u043a\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c, \u0447\u0442\u043e\u0431\u044b \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b \u0438\u0437 \u043a\u043e\u0440\u043d\u0435\u0432\u043e\u0439 \u0434\u0438\u0440\u0435\u043a\u0442\u043e\u0440\u0438\u0438 \u0445\u043e\u0441\u0442\u0430 \u0432 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440, \u0430 \u0437\u0430\u0442\u0435\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c Unix-\u0441\u043e\u043a\u0435\u0442\u044b \u0434\u043b\u044f \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u043d\u043e\u0432\u044b\u0445 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043e\u0432.\n\n\u0425\u043e\u0442\u044f \u0431\u0430\u0437\u043e\u0432\u044b\u0439 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c \u0430\u0442\u0430\u043a\u0438 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u043b\u0438\u0448\u044c \u0447\u0442\u0435\u043d\u0438\u0435 \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0445\u043e\u0441\u0442\u0430, \u044d\u0442\u043e\u0442 \u0431\u0430\u0440\u044c\u0435\u0440 \u043c\u043e\u0436\u043d\u043e \u043e\u0431\u043e\u0439\u0442\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u044b \u0434\u043b\u044f \u043f\u043e\u043b\u043d\u043e\u0433\u043e \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u043e\u0439. \u0422\u0430\u043a\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c, \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0435 \u043c\u043e\u0433\u0443\u0442 \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u0442\u044c \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0442\u0440\u0430\u0444\u0438\u043a, \u043f\u0440\u043e\u0441\u043c\u0430\u0442\u0440\u0438\u0432\u0430\u0442\u044c \u0430\u043a\u0442\u0438\u0432\u043d\u044b\u0435 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u044b \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0434\u0440\u0443\u0433\u0438\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u0430\u0436\u043d\u044b\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u043d\u0430 \u0445\u043e\u0441\u0442\u0435.\n\n\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c NVIDIA Container Toolkit \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u0438 \u043d\u0435 \u043e\u0442\u043a\u043b\u044e\u0447\u0430\u0442\u044c \u0444\u043b\u0430\u0433 \u00ab--no-cntlibs\u00bb \u0432 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u0441\u0440\u0435\u0434\u0430\u0445.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2025-02-13T15:45:09.000000Z"}, {"uuid": "f6082a6d-99dd-48ce-aa65-6e7fb5fb51e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/4004", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23359\n\ud83d\udd25 CVSS Score: 9.2 (CVSS_V3)\n\ud83d\udd39 Description: NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use (TOCTOU) vulnerability when used with default configuration, where a crafted container image could gain access to the host file system. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.\n\ud83d\udccf Published: 2025-02-12T03:31:14Z\n\ud83d\udccf Modified: 2025-02-12T03:31:14Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2025-23359\n2. https://nvidia.custhelp.com/app/answers/detail/a_id/5616", "creation_timestamp": "2025-02-12T04:08:47.000000Z"}, {"uuid": "3e65d38b-6a2c-4ab8-a7b0-38cae475705e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "https://t.me/rafa_sec/125", "content": "\ud83d\udea8 NVIDIA\u2019s critical security fix failed!\n\nNVIDIA\u2019s patch for CVE-2024-0132 (CVSS 9.0) was incomplete \u2014 attackers can still escape containers and gain root access (CVE-2025-23359).\n\n\ud83d\udc40 Admins: Threat actors are watching...\n\u2705 Patch now\n\u2705 Audit your containers\n\u2705 Lock down Docker APIs\n\nFull report \u2794 https://thehackernews.com/2025/04/incomplete-patch-in-nvidia-toolkit.html", "creation_timestamp": "2025-04-15T09:16:23.000000Z"}, {"uuid": "822a3f4a-906b-4448-8f57-f40ae0fb4055", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11427", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23359\n\ud83d\udd25 CVSS Score: 8.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use (TOCTOU) vulnerability when used with default configuration, where a crafted container image could gain access to the host file system. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.\n\ud83d\udccf Published: 2025-02-12T00:52:43.646Z\n\ud83d\udccf Modified: 2025-04-11T13:24:14.643Z\n\ud83d\udd17 References:\n1. https://nvidia.custhelp.com/app/answers/detail/a_id/5616", "creation_timestamp": "2025-04-11T13:51:22.000000Z"}, {"uuid": "7c8204db-fe9c-4732-a43d-5ebc13cf5391", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "https://t.me/ics_cert/1121", "content": "\u0645\u062d\u0642\u0642\u0627\u0646 Trend Micro \u06a9\u0647 CVE-2025-23359 \u06a9\u0634\u0641 \u06a9\u0631\u062f\u0646\u062f \u0645\u0642\u0627\u0644\u0647 \u0627\u06cc \u0645\u0646\u062a\u0634\u0631 \u06a9\u0631\u062f\u0646\u062f.\n\n\u0628\u0647 \u0639\u0646\u0648\u0627\u0646 \u0645\u062b\u0627\u0644\u060c \u0622\u0646\u0647\u0627 \u0647\u0646\u06af\u0627\u0645 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0686\u0646\u062f\u06cc\u0646 \u0645\u0627\u0646\u062a \u062f\u0631 \u06cc\u06a9 \u06a9\u0627\u0646\u062a\u06cc\u0646\u0631 \u0645\u062a\u0648\u062c\u0647 \u0628\u0631\u062e\u06cc \u0645\u0634\u06a9\u0644\u0627\u062a \u0639\u0645\u0644\u06a9\u0631\u062f\u06cc \u0634\u062f\u0646\u062f \u06a9\u0647 \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0645\u0646\u062c\u0631 \u0628\u0647 DoS \u0634\u0648\u062f (\u0647\u0645\u0627\u0646 \u0645\u0634\u06a9\u0644 \u0639\u0645\u0644\u06a9\u0631\u062f \u0628\u0647 \u0637\u0648\u0631 \u0645\u0633\u062a\u0642\u0644 \u062a\u0648\u0633\u0637 moby \u0648 NVIDIA \u06af\u0632\u0627\u0631\u0634 \u0634\u062f\u0647 \u0627\u0633\u062a):\n\n1. \u0647\u0646\u06af\u0627\u0645\u06cc \u06a9\u0647 \u06cc\u06a9 \u06a9\u0627\u0646\u062a\u06cc\u0646\u0631 \u062c\u062f\u06cc\u062f \u0628\u0627 \u0686\u0646\u062f\u06cc\u0646 \u0645\u0627\u0646\u062a \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc \u0634\u062f\u0647 \u0628\u0627 ( bind-propagation=shared ) \u0627\u06cc\u062c\u0627\u062f \u0645\u06cc \u0634\u0648\u062f\u060c \u0686\u0646\u062f\u06cc\u0646 \u0645\u0633\u06cc\u0631 \u0648\u0627\u0644\u062f/\u0641\u0631\u0632\u0646\u062f \u062a\u0646\u0638\u06cc\u0645 \u0645\u06cc \u0634\u0648\u062f. \u0628\u0627 \u0627\u06cc\u0646 \u062d\u0627\u0644\u060c \u067e\u0633 \u0627\u0632 \u062e\u0627\u062a\u0645\u0647 \u06a9\u0627\u0646\u062a\u06cc\u0646\u0631\u060c \u0648\u0631\u0648\u062f\u06cc\u200c\u0647\u0627\u06cc \u0645\u0631\u062a\u0628\u0637 \u0627\u0632 \u062c\u062f\u0648\u0644 \u0646\u0635\u0628 \u0644\u06cc\u0646\u0648\u06a9\u0633 \u062d\u0630\u0641 \u0646\u0645\u06cc\u200c\u0634\u0648\u0646\u062f.\n\n2. \u0627\u06cc\u0646 \u0628\u0627\u0639\u062b \u0645\u06cc \u0634\u0648\u062f \u06a9\u0647 \u062c\u062f\u0648\u0644 mount \u0628\u0647 \u0633\u0631\u0639\u062a \u0648 \u0628\u0647 \u0637\u0648\u0631 \u063a\u06cc\u0631\u0642\u0627\u0628\u0644 \u06a9\u0646\u062a\u0631\u0644\u06cc \u0631\u0634\u062f \u06a9\u0646\u062f \u0648 \u062a\u0648\u0635\u06cc\u0641\u06af\u0631\u0647\u0627\u06cc \u0641\u0627\u06cc\u0644 \u0645\u0648\u062c\u0648\u062f ( fd ) \u0631\u0627 \u062e\u0633\u062a\u0647 \u06a9\u0646\u062f. \u062f\u0631 \u0646\u0647\u0627\u06cc\u062a Docker \u0628\u0647 \u062f\u0644\u06cc\u0644 \u0641\u0631\u0633\u0648\u062f\u06af\u06cc fd \u0642\u0627\u062f\u0631 \u0628\u0647 \u0627\u06cc\u062c\u0627\u062f \u06a9\u0627\u0646\u062a\u06cc\u0646\u0631\u0647\u0627\u06cc \u062c\u062f\u06cc\u062f \u0646\u06cc\u0633\u062a.\n\n3. \u0627\u06cc\u0646 \u062c\u062f\u0648\u0644 \u0646\u0635\u0628 \u0628\u06cc\u0634 \u0627\u0632 \u062d\u062f \u0628\u0632\u0631\u06af \u0628\u0627 \u062c\u0644\u0648\u06af\u06cc\u0631\u06cc \u0627\u0632 \u0627\u062a\u0635\u0627\u0644 \u06a9\u0627\u0631\u0628\u0631\u0627\u0646 \u0628\u0647 \u0647\u0627\u0633\u062a (\u0645\u062b\u0644\u0627\u064b \u0627\u0632 \u0637\u0631\u06cc\u0642 SSH ) \u0628\u0627\u0639\u062b \u0645\u0634\u06a9\u0644\u0627\u062a \u062c\u062f\u06cc \u0639\u0645\u0644\u06a9\u0631\u062f \u0645\u06cc \u0634\u0648\u062f.\n\n\u0628\u0631 \u0627\u06cc\u0646 \u0627\u0633\u0627\u0633\u060c \u0628\u0631\u062e\u06cc \u0627\u0632 \u062c\u0632\u0626\u06cc\u0627\u062a \u0628\u0631\u0627\u06cc \u0628\u0647\u0631\u0647 \u0628\u0631\u062f\u0627\u0631\u06cc CVE-2025-23359 \u0641\u0627\u0634 \u0634\u062f (\u0627\u0645\u0627 \u0647\u06cc\u0686 PoC \u0627\u0631\u0627\u0626\u0647 \u0646\u0634\u062f):\n\n1. \u0645\u0647\u0627\u062c\u0645 \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u06cc\u06a9 \u067e\u06cc\u0648\u0646\u062f \u0646\u0645\u0627\u062f\u06cc\u0646 volume \u060c \u062f\u0648 \u062a\u0635\u0648\u06cc\u0631 \u0645\u062e\u0631\u0628 \u0645\u062e\u0631\u0628 \u0627\u06cc\u062c\u0627\u062f \u0645\u06cc \u06a9\u0646\u062f.\n2. \u0645\u0647\u0627\u062c\u0645 \u0628\u0647 \u0637\u0648\u0631 \u0645\u0633\u062a\u0642\u06cc\u0645 \u06cc\u0627 \u063a\u06cc\u0631\u0645\u0633\u062a\u0642\u06cc\u0645 \u062a\u0635\u0648\u06cc\u0631 \u0631\u0627 \u0631\u0648\u06cc \u067e\u0644\u062a\u0641\u0631\u0645 \u0642\u0631\u0628\u0627\u0646\u06cc \u0627\u062c\u0631\u0627 \u0645\u06cc \u06a9\u0646\u062f\n3. \u0627\u06cc\u0646 \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc \u062f\u0647\u062f \u062a\u0627 \u0627\u0632 \u0637\u0631\u06cc\u0642 \u0634\u0631\u0627\u06cc\u0637 \u0645\u0633\u0627\u0628\u0642\u0647 \u0628\u0647 \u0633\u06cc\u0633\u062a\u0645 \u0641\u0627\u06cc\u0644 \u0645\u06cc\u0632\u0628\u0627\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u067e\u06cc\u062f\u0627 \u06a9\u0646\u062f.\n4. \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u06cc\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc\u060c \u0645\u0647\u0627\u062c\u0645 \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0645\u062a\u0639\u0627\u0642\u0628\u0627\u064b \u0628\u0647 \u0633\u0648\u06a9\u062a \u0647\u0627\u06cc Container Runtime Unix \u062f\u0633\u062a\u0631\u0633\u06cc \u067e\u06cc\u062f\u0627 \u06a9\u0646\u062f \u062a\u0627 \u062f\u0633\u062a\u0648\u0631\u0627\u062a \u062f\u0644\u062e\u0648\u0627\u0647 \u0631\u0627 \u0628\u0627 \u0627\u0645\u062a\u06cc\u0627\u0632\u0627\u062a root \u0627\u062c\u0631\u0627 \u06a9\u0646\u062f\u060c \u06cc\u0639\u0646\u06cc \u06a9\u0646\u062a\u0631\u0644 \u06a9\u0627\u0645\u0644 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0628\u0631 \u0631\u0648\u06cc \u0633\u06cc\u0633\u062a\u0645 \u062f\u0631 \u0645\u0639\u0631\u0636 \u062e\u0637\u0631 \u0631\u0627 \u0628\u0647 \u062f\u0633\u062a \u0622\u0648\u0631\u062f.\n\ud83c\udfed \u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\ud83d\udc6e\ud83c\udffd\u200d\u2640\ufe0f\u0647\u0631\u06af\u0648\u0646\u0647 \u0627\u0646\u062a\u0634\u0627\u0631 \u0648 \u0630\u06a9\u0631 \u0645\u0637\u0627\u0644\u0628 \u0628\u062f\u0648\u0646 \u0630\u06a9\u0631 \u062f\u0642\u06cc\u0642 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u0644\u06cc\u0646\u06a9 \u0622\u0646 \u0645\u0645\u0646\u0648\u0639 \u0627\u0633\u062a. \n\u0627\u062f\u0645\u06cc\u0646:\n\u200fhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert\n\u06af\u0631\u0648\u0647 \u0648\u0627\u062a\u0633 \u0622\u067e :\nhttps://chat.whatsapp.com/FpB620AWEeSKvd8U6cFh33\n\u06af\u0631\u0648\u0647 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ICSCERT_IR", "creation_timestamp": "2025-04-19T17:10:10.000000Z"}, {"uuid": "b20d2cb1-60e3-4f59-84ce-1f23a0e696fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "Telegram/Aa-mJwZiwTCfoBEQv0lRdJpPDlbI1xOoLBXO2yYDbMtOaA", "content": "", "creation_timestamp": "2025-02-12T16:32:28.000000Z"}, {"uuid": "edfa23d7-0ac9-4f17-9ccb-fa631d7ddbef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "https://t.me/CyberBulletin/3011", "content": "\u26a1\ufe0fNVIDIA\u2019s patch for CVE-2024-0132 (CVSS 9.0) was incomplete \u2014 attackers can still escape containers and gain root access (CVE-2025-23359).\n\n#CyberBulletin", "creation_timestamp": "2025-04-12T02:00:49.000000Z"}, {"uuid": "22b0c87f-8048-4c24-b66f-52a07bf16e58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "Telegram/1CU4p-35uR_OEd5tkAHkEjg_BY2nsASvWGQ5wETIDJqGUhs", "content": "", "creation_timestamp": "2025-02-12T03:00:28.000000Z"}, {"uuid": "2a5d7721-3c13-463e-90fd-6382ba2e56ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "https://t.me/thehackernews/6330", "content": "\ud83d\udea8 Alert - A new vulnerability (CVE-2025-23359) in NVIDIA's Container Toolkit could break container isolation and give attackers full access to your system.\n\nIf exploited, attackers could bypass isolation protections, accessing your files and even running malicious code.\n\n\ud83d\udd17 Get all the details: https://thehackernews.com/2025/02/researchers-find-new-exploit-bypassing.html", "creation_timestamp": "2025-02-12T15:23:47.000000Z"}, {"uuid": "4ab3b8ad-9c6b-416e-8631-1851180380cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/6729", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Wiz \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043d\u043e\u0432\u044b\u0439 \u0432\u0430\u0440\u0438\u0430\u043d\u0442 \u043e\u0431\u0445\u043e\u0434\u0430 \u0443\u0436\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 NVIDIA Container Toolkit, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0432\u044b\u0445\u043e\u0434\u0430 \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u044b \u0438\u0437\u043e\u043b\u044f\u0446\u0438\u0438 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430 \u0438 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u043e\u043b\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0431\u0430\u0437\u043e\u0432\u043e\u043c\u0443 \u0445\u043e\u0441\u0442\u0443.\n\n\u041d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2025-23359 \u0438 \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS: 8.3.\n\n\u041e\u043d\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 NVIDIA Container Toolkit (\u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u0434\u043e 1.17.3 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 1.17.4) \u0438 NVIDIA GPU Operator (\u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u0434\u043e 24.9.1 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 24.9.2).\n\n\u0412 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u043f\u043e\u044f\u0441\u043d\u044f\u044e\u0442, \u0447\u0442\u043e NVIDIA Container Toolkit \u0434\u043b\u044f Linux \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c TOCTOU\u00a0(Time-of-Check Time-of-Use) \u043f\u0440\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u0441 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0435\u0439 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e, \u043a\u043e\u0433\u0434\u0430 \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0439 \u043e\u0431\u0440\u0430\u0437 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0445\u043e\u0441\u0442\u0430.\n\n\u0423\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a RCE, DoS, EoP, \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438 \u043f\u043e\u0434\u0434\u0435\u043b\u043a\u0435 \u0434\u0430\u043d\u043d\u044b\u0445.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Wiz \u043f\u043e\u0434\u0435\u043b\u0438\u043b\u0438\u0441\u044c \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u043c\u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u044f\u043c\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u0432 \u0435\u0435 \u043a\u0430\u043a \u043e\u0431\u0445\u043e\u0434 \u0434\u0440\u0443\u0433\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u043e\u0439 \u043a\u0430\u043a CVE-2024-0132 \u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 CVSS: 9,0, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0431\u044b\u043b\u0430 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 NVIDIA \u0432 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u0435 2024 \u0433\u043e\u0434\u0430.\n\n\u0412\u043a\u0440\u0430\u0442\u0446\u0435, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043c\u043e\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043a\u043e\u0440\u043d\u0435\u0432\u0443\u044e \u0444\u0430\u0439\u043b\u043e\u0432\u0443\u044e \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0445\u043e\u0441\u0442\u0430 \u0432 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440, \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044f \u0438\u043c \u043d\u0435\u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a\u043e \u0432\u0441\u0435\u043c \u0444\u0430\u0439\u043b\u0430\u043c.\n\n\u0411\u043e\u043b\u0435\u0435 \u0442\u043e\u0433\u043e, \u044d\u0442\u043e\u0442 \u0434\u043e\u0441\u0442\u0443\u043f \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d \u0434\u043b\u044f \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043e\u0432 \u0438 \u0434\u043e\u0441\u0442\u0438\u0436\u0435\u043d\u0438\u044f \u043f\u043e\u043b\u043d\u043e\u0433\u043e \u0432\u0437\u043b\u043e\u043c\u0430 \u0445\u043e\u0441\u0442\u0430 \u0447\u0435\u0440\u0435\u0437 \u0441\u043e\u043a\u0435\u0442 Unix \u0432\u043e \u0432\u0440\u0435\u043c\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f.\n\n\u0410\u043d\u0430\u043b\u0438\u0437 \u0438\u0441\u0445\u043e\u0434\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430\u0440\u0438\u044f \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430 \u043f\u043e\u043a\u0430\u0437\u0430\u043b, \u0447\u0442\u043e \u043f\u0443\u0442\u0438 \u043a \u0444\u0430\u0439\u043b\u0430\u043c, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0435 \u0432\u043e \u0432\u0440\u0435\u043c\u044f \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0439 \u043c\u043e\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f, \u043c\u043e\u0436\u043d\u043e \u0438\u0437\u043c\u0435\u043d\u044f\u0442\u044c \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u0438\u043c\u0432\u043e\u043b\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0441\u0441\u044b\u043b\u043a\u0438 \u0434\u043e\u0431\u0438\u0432\u0430\u044f\u0441\u044c \u043c\u043e\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0438\u0437\u0432\u043d\u0435 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430 (\u0442.\u0435. \u0438\u0437 \u043a\u043e\u0440\u043d\u0435\u0432\u043e\u0433\u043e \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0430) \u0432 \u043f\u0443\u0442\u044c \u0432\u043d\u0443\u0442\u0440\u0438 \u00ab/usr/lib64\u00bb.\n\n\u0425\u043e\u0442\u044f \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0445\u043e\u0441\u0442\u0430, \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u043c\u044b\u0439 \u043f\u0440\u0438 \u0432\u044b\u0445\u043e\u0434\u0435 \u0438\u0437 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430, \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u0442\u043e\u043b\u044c\u043a\u043e \u0434\u043b\u044f \u0447\u0442\u0435\u043d\u0438\u044f, \u044d\u0442\u043e \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435 \u043c\u043e\u0436\u043d\u043e \u043e\u0431\u043e\u0439\u0442\u0438, \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044f \u0441 \u0441\u043e\u043a\u0435\u0442\u0430\u043c\u0438 Unix \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u043d\u043e\u0432\u044b\u0445 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043e\u0432 \u0438 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043d\u0435\u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435.\n\n\u041a\u0430\u043a \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438, \u044d\u0442\u043e\u0442 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u044b\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u043b \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0442\u044c \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0442\u0440\u0430\u0444\u0438\u043a, \u043e\u0442\u043b\u0430\u0436\u0438\u0432\u0430\u0442\u044c \u0430\u043a\u0442\u0438\u0432\u043d\u044b\u0435 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u044b \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0440\u044f\u0434 \u0434\u0440\u0443\u0433\u0438\u0445 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0439 \u043d\u0430 \u0443\u0440\u043e\u0432\u043d\u0435 \u0445\u043e\u0441\u0442\u0430.\n\n\u041f\u043e\u043c\u0438\u043c\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c NVIDIA Container Toolkit \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043d\u0435 \u043e\u0442\u043a\u043b\u044e\u0447\u0430\u0442\u044c\u00a0\u0444\u043b\u0430\u0433 \u00ab--no-cntlibs\u00bb\u00a0\u0432 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u0441\u0440\u0435\u0434\u0430\u0445.", "creation_timestamp": "2025-02-13T13:35:57.000000Z"}, {"uuid": "bf4b3b4d-e10c-4faa-a142-eb9e3103c899", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "exploited", "source": "https://t.me/thehackernews/6648", "content": "\ud83d\udea8 NVIDIA\u2019s critical security fix failed!\n\nNVIDIA\u2019s patch for CVE-2024-0132 (CVSS 9.0) was incomplete \u2014 attackers can still escape containers and gain root access (CVE-2025-23359).\n\n\ud83d\udc40 Admins: Threat actors are watching...\n\u2705 Patch now\n\u2705 Audit your containers\n\u2705 Lock down Docker APIs\n\nFull report \u2794 https://thehackernews.com/2025/04/incomplete-patch-in-nvidia-toolkit.html", "creation_timestamp": "2025-04-10T16:19:38.000000Z"}]}