Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Is CVE-2024-0132 relevant to the Driver Plugin? #967

Open
ryanpxx opened this issue Sep 27, 2024 · 1 comment
Open

Is CVE-2024-0132 relevant to the Driver Plugin? #967

ryanpxx opened this issue Sep 27, 2024 · 1 comment

Comments

@ryanpxx
Copy link

ryanpxx commented Sep 27, 2024

Hi Guys,

Apologies if the question has already been asked, but ...: Can anybody definitively say if the Driver Plugin is affected by this CVE here:

https://www.securityweek.com/critical-nvidia-container-flaw-exposes-cloud-ai-systems-to-host-takeover/

Concerning for me is this sentence:

"... the bug lies in Nvidia’s Container Toolkit and GPU Operator, ..."

Thanks,

Phil.
@chipzoller
Copy link
Contributor

The device plugin is not the container toolkit nor is it the GPU operator. And according to the release notes for v24.6.2 of the GPU operator, that CVE has been fixed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ryanpxx @chipzoller