NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use (TOCTOU) vulnerability when used with default configuration where a specifically crafted container image may gain access to the host file system. This does not impact use cases where CDI is used. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
https://aws.amazon.com/security/security-bulletins/AWS-2024-010/
https://www.thestack.technology/critical-nvidia-container-bug-is-an-old-school-risk-to-ai-workloads/
https://www.theregister.com/2024/09/26/critical_nvidia_bug_container_escape/