INFSA-2025:13673: toolbox security update
Information about definition
Identificator: INFSA-2025:13673
Type: security
Release date: 2025-08-15 16:05:18 UTC
Information about package
Toolbox is a tool for Linux operating systems, which allows the use of containerized command line environments. It is built on top of Podman and other standard container technologies from OCI.
Vulnerabilities description
- CVE-2025-23266
A flaw was found in the NVIDIA Container Toolkit. This vulnerability allows execution of arbitrary code with elevated permissions via improperly secured container initialization hooks. This can potentially lead to privilege escalation, data tampering, information disclosure, and denial of service.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2025-23266
|
no information | 9.0 | no information |
Updated packages