Home > Vulnerability Database > CVE-2025-23267

Mend.io Vulnerability Database

New vulnerability? Tell us about it!

CVE-2025-23267

Good to know:

Date: July 17, 2025

A vulnerability in NVIDIA Container Toolkit can lead to container escape.

Severity Score

8.5

Related Resources (9)

Url: https://github.com/NVIDIA/mig-parted

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-23267

Url: https://github.com/NVIDIA/k8s-device-plugin

Url: https://github.com/NVIDIA/nvidia-container-toolkit

Url: https://seclists.org/oss-sec/2025/q3/45

Url: https://github.com/NVIDIA/gpu-operator

Url: https://pkg.go.dev/vuln/GO-2025-3998

Url: https://nvidia.custhelp.com/app/answers/detail/a_id/5659

Url: https://www.mend.io/vulnerability-database/CVE-2025-23267

Severity Score

8.5

Weakness Type (CWE)

Improper Link Resolution Before File Access ('Link Following')

CWE-59

Top Fix

Upgrade Version

Upgrade to version github.com/NVIDIA/nvidia-container-toolkit - v1.17.8;github.com/NVIDIA/nvidia-container-toolkit - v1.17.8;github.com/NVIDIA/k8s-device-plugin - v0.17.3;github.com/NVIDIA/gpu-operator - v25.3.2;github.com/NVIDIA/mig-parted - v0.12.2

Learn More

CVSS v3.1

Base Score:	8.5
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	CHANGED
Confidentiality (C):	NONE
Integrity (I):	LOW
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2025-23267

Good to know:

Date: July 17, 2025

Severity Score

Related Resources (9)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?