Researchers Release PoC Exploit for High-Severity NVIDIA AI Toolkit Bug

Wiz Research has disclosed a severe vulnerability in the NVIDIA Container Toolkit (NCT), dubbed #NVIDIAScape and tracked as CVE-2025-23266 with a CVSS score of 9.0, enabling malicious containers to escape isolation and gain root access on host systems.

This flaw, stemming from a misconfiguration in OCI hook handling, affects NCT versions up to 1.17.7 (in CDI mode for pre-1.17.5 releases) and NVIDIA GPU Operator up to 25.3.1.

As a cornerstone for GPU-accelerated AI workloads in cloud environments, the toolkit’s vulnerability poses a systemic risk, potentially allowing attackers to compromise shared infrastructure and access sensitive data across multi-tenant setups.

Critical Container Escape Flaw

The exploit leverages the OCI runtime specification’s createContainer hooks, which NCT employs to configure container access to host NVIDIA drivers and GPUs.

Unlike prestart hooks, which operate in isolated contexts, createContainer hooks inherit environment variables from the container image. As defined in the OCI spec, they run after the mount namespace has been set up but before pivot_root.

This inheritance exposes a critical weakness: attackers can manipulate variables like LD_PRELOAD to inject malicious shared objects into the privileged nvidia-ctk process.

With the hook’s working directory set to the container’s root filesystem, a simple path to a payload .so file suffices for execution.

Demonstrating the vulnerability’s simplicity, Wiz released a proof-of-concept (PoC) exploit via a three-line Dockerfile: starting from a Busybox base, it sets LD_PRELOAD to /proc/self/cwd/poc.so and adds the malicious library.

When the image is run with the NVIDIA runtime and GPU flags, the hook loads the payload and grants root privileges on the host. Wiz's sample PoC demonstrates this by executing ‘id’ and writing the output to /owned on the host.
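For triage, images can be checked for this pattern before they reach a GPU host. The sketch below is an added example, not code from Wiz or NVIDIA: it reads JSON in the shape produced by `docker image inspect` and reports dynamic-loader variables set in the image configuration. The function name, severity labels and sample images are assumptions made for illustration.

```python
import json

# LD_LIBRARY_PATH is left out on purpose: CUDA base images commonly set it.
LOADER_VARS = {"LD_PRELOAD", "LD_AUDIT"}

def audit_image_env(inspect_json: str) -> list[dict]:
    """Return one finding per loader variable baked into an image's Config.Env."""
    findings = []
    for image in json.loads(inspect_json):
        name = (image.get("RepoTags") or [image.get("Id", "<untagged>")])[0]
        for entry in (image.get("Config") or {}).get("Env") or []:
            var, _, value = entry.partition("=")
            if var not in LOADER_VARS:
                continue
            # glibc accepts space- or colon-separated lists in LD_PRELOAD.
            paths = value.replace(":", " ").split()
            # Relative and /proc/self/cwd paths resolve against the hook's
            # working directory, which is the container's root filesystem.
            in_image = any(p.startswith("/proc/self/cwd") or not p.startswith("/")
                           for p in paths)
            findings.append({"image": name, "var": var, "value": value,
                             "severity": "high" if in_image else "review"})
    return findings

# Constructed sample in the shape of `docker image inspect` output.
SAMPLE = json.dumps([
    {"RepoTags": ["registry.example/team/train:latest"],
     "Config": {"Env": ["PATH=/usr/bin:/bin", "LD_PRELOAD=/proc/self/cwd/poc.so"]}},
    {"RepoTags": ["registry.example/team/serve:2.1"],
     "Config": {"Env": ["LD_PRELOAD=/usr/lib/libjemalloc.so.2"]}},
    {"RepoTags": ["registry.example/base/cuda:12"],
     "Config": {"Env": ["LD_LIBRARY_PATH=/usr/local/nvidia/lib64"]}},
])

if __name__ == "__main__":
    for f in audit_image_env(SAMPLE):
        print(f"{f['severity']:6} {f['image']} {f['var']}={f['value']}")
```

A "review" finding is not proof of abuse, since some images preload allocators legitimately; a "high" finding means the preload path points back into the image itself.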

Root on the Host

This mirrors prior container escapes, such as Wiz’s earlier findings in Replicate and DigitalOcean, underscoring recurring flaws in AI supply chain security.

The issue is particularly acute in managed AI services on shared GPU clusters, where untrusted containers could enable data theft or model manipulation across customers.

Initial access vectors include social engineering, supply chain compromises, or arbitrary image loading, bypassing the need for public exposure.

According to the report, Wiz’s research builds on previous disclosures such as CVE-2024-0132 and highlights vulnerabilities across AI stacks, from infrastructure like Hugging Face to tools like Ollama.

Patching Guidance for Secure AI Deployments

NVIDIA’s security bulletin urges immediate upgrades to patched NCT versions, with Wiz providing a Threat Intel Center query for identifying vulnerable instances.

Prioritization should focus on hosts running untrusted images, augmented by runtime validation to confirm active toolkit usage.

For unpatchable systems, disable the enable-cuda-compat hook: in legacy NCT mode, edit /etc/nvidia-container-toolkit/config.toml to set features.disable-cuda-compat-lib-hook = true.

For GPU Operator, append disable-cuda-compat-lib-hook to NVIDIA_CONTAINER_TOOLKIT_OPT_IN_FEATURES via Helm arguments, or deploy v1.17.8 directly with platform-specific tags like ubuntu20.04 or ubi8.

The disclosure timeline began with Wiz’s report to NVIDIA on May 17, 2025, during Pwn2Own Berlin, culminating in the CVE assignment and bulletin on July 15, 2025, followed by this public release.

This vulnerability reinforces that AI security threats stem more from foundational infrastructure flaws than speculative AI-driven attacks, urging teams to enforce strict controls over model sources and container integrity in rapidly evolving AI pipelines.

