Hello,
 
NVIDIA Container Toolkit for all platforms contains a vulnerability in the 
update-ldcache hook, where an attacker could cause a link following by using a 
specially crafted container image. A successful exploit of this vulnerability 
might lead to container escape.
 
Details:
- CVE: CVE-2025-23267
- Severity: 8.5 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:H)
- Impact: A successful exploit of this vulnerability might lead to container 
escape.
- Affected versions: All versions up to and including 1.17.7 (CDI mode only 
for versions prior to 1.17.5)
- Fixed in: 1.17.8.
 
Description:
The vulnerability is related to the update-ldcache command invoking the host’s 
ldconfig binary with the -r parameter to chroot into the container’s root 
filesystem. However, because no sandboxing is provided for the ldconfig 
command, an attacker could exploit the absence of isolation by leveraging the 
procfs to perform path traversal beyond the intended containerized environment.
When the ldconfig command writes to files such as /etc/ld.so.cache, 
/var/cache/ldconfig/aux-cache, etc., if the relevant paths are symbolic links, 
it can overwrite the corresponding files on the host or write to any arbitrary 
location on the host.
The file ld.so.cache is a critical cache file used by the Linux dynamic linker 
to accelerate the search process for shared libraries (.so files). When a 
program starts and requires dynamic linking of shared libraries, the dynamic 
linker (ld.so) directly reads the ld.so.cache instead of traversing all 
directories in real-time. If attackers compromise the ld.so.cache, they could 
potentially redirect legitimate library paths to malicious shared libraries 
controlled by them, leading to container escape.
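The condition described above (a symlink sitting at one of the paths that ldconfig -r writes) can be checked on the host before the hook runs. The following is an added pre-flight check, not code from the NVIDIA Container Toolkit or from the advisory: it walks every component of the two output paths under an unpacked rootfs and refuses any that is a symbolic link. The rootfs layout and the function names are constructed for this example.

```python
import os
import tempfile

# Files that ldconfig writes inside the rootfs given via -r (named in the advisory).
LDCONFIG_WRITE_PATHS = ("etc/ld.so.cache", "var/cache/ldconfig/aux-cache")


def first_symlink_component(rootfs, rel_path):
    """Return the first component of rel_path under rootfs that is a symlink, or None.

    Every component is lstat'ed, so a symlinked directory such as 'var/cache'
    is caught, not only the final file. A missing component is fine: ldconfig
    creates what does not exist, so there is no link to follow."""
    current = rootfs
    for part in rel_path.split("/"):
        current = os.path.join(current, part)
        if os.path.islink(current):
            return os.path.relpath(current, rootfs)
        if not os.path.exists(current):
            return None
    return None


def check_ldconfig_write_paths(rootfs):
    """Map each ldconfig output path to 'ok' or 'symlink:<first linked component>'."""
    rootfs = os.path.abspath(rootfs)
    result = {}
    for rel in LDCONFIG_WRITE_PATHS:
        link = first_symlink_component(rootfs, rel)
        result[rel] = "ok" if link is None else "symlink:" + link
    return result


def build_sample_rootfs(symlinked):
    """Constructed sample rootfs in a temp dir (hypothetical layout); returns its path.

    With symlinked=True, etc/ld.so.cache is a symlink to a file outside the
    rootfs, modelling the condition the advisory describes."""
    base = tempfile.mkdtemp(prefix="ldcache-check-")
    rootfs = os.path.join(base, "rootfs")
    os.makedirs(os.path.join(rootfs, "etc"))
    os.makedirs(os.path.join(rootfs, "var", "cache", "ldconfig"))
    target = os.path.join(rootfs, "etc", "ld.so.cache")
    if symlinked:
        outside = os.path.join(base, "host-file")
        open(outside, "w").close()
        os.symlink(outside, target)
    else:
        open(target, "w").close()
    return rootfs


if __name__ == "__main__":
    for flag in (False, True):
        print(check_ldconfig_write_paths(build_sample_rootfs(flag)))
```

The check only inspects components below the rootfs directory itself, and it is a scanner-side safeguard for unpacked images rather than a substitute for the fixed toolkit release.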
 
Credit:
Lei Wang & Min Yao (Nebula Security Lab, Huawei Cloud)
 
Reference:
https://nvidia.custhelp.com/app/answers/detail/a_id/5659
 
 
Best regards,
Yajie Li