File _patchinfo of Package patchinfo.42638
<patchinfo incident="42638">
  <issue tracker="cve" id="2024-0132"/>
  <issue tracker="cve" id="2024-0133"/>
  <issue tracker="bnc" id="1231033">VUL-0: CVE-2024-0132: nvidia-container-toolkit: time-of-check time-of-use (TOCTOU) race condition in default configuration via specifically crafted container image</issue>
  <issue tracker="bnc" id="1231032">VUL-0: CVE-2024-0133: nvidia-container-toolkit: data tampering in host file system via specially crafted container image</issue>
  <packager>msmeissn</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for libnvidia-container</summary>
  <description>This update for libnvidia-container fixes the following issues:

Update to version 1.18.0.

Security issues fixed:

- CVE-2024-0132: time-of-check time-of-use (TOCTOU) race condition in default configuration via specifically crafted container image (bsc#1231033).
- CVE-2024-0133: data tampering in host file system via specially crafted container image (bsc#1231032).

Other updates and bugfixes:

- updated to 1.18.0
- Add clock_gettime to allowed syscalls
- Fix pointer accessing local variable out of scope
- Require version match between libnvidia-container-tools and libnvidia-container1
- Add libnvidia-gpucomp.so to the list of compute libs
- Use VERSION_ prefix for version parts in makefiles
- Add additional logging
- Do not discard container flags when --cuda-compat-mode is not specified
- Remove unneeded --no-cntlibs argument from list command
- Add cuda-compat-mode flag to configure command
- Skip files when user has insufficient permissions
- Fix building with Go 1.24
- Add no-cntlibs CLI option to nvidia-container-cli
- Fix always using fallback
- Add fallback for systems without memfd_create()
- Create virtual copy of host ldconfig binary before calling fexecve()
- Fix some typos in text.
- update nvidia modprobe to expected 550.54.14.
- remove services
</description>
</patchinfo>