Amazon Linux 2023 Security Advisory: ALAS2023NVIDIA-2025-126
Advisory Released Date: 2025-07-17
Advisory Updated Date: 2025-07-17
Severity:
Critical
Issue Overview:
NVIDIA Container Toolkit for all platforms contains a vulnerability in the update-ldcache hook, where an attacker could cause a link following by using a specially crafted container image. A successful exploit of this vulnerability might lead to data tampering and denial of service.
Affected Packages:
libnvidia-container
Issue Correction:
Run dnf update libnvidia-container --releasever 2023.8.20250715 to update your system.
New Packages:
x86_64:
libnvidia-container-devel-1.17.8-1.x86_64
libnvidia-container-libseccomp2-1.17.8-1.x86_64
libnvidia-container-static-1.17.8-1.x86_64
libnvidia-container-tools-1.17.8-1.x86_64
libnvidia-container1-1.17.8-1.x86_64
libnvidia-container1-debuginfo-1.17.8-1.x86_64