CVE-2026-24260

Summary

NVIDIA Container Toolkit for Linux contains a vulnerability where an attacker could cause a time-of-check time-of-use race condition. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, and data tampering.

Affected Software

VendorProductVersion RangeStatus
NVIDIAContainer ToolkitAll versions up to and including 1.19.0affected
NVIDIAGPU OperatorAll versions up to and including 26.3.1affected

Weaknesses

  • CWE-367: CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References