Fellow Linux admins-

The Nvidia Container Toolkit is a set of open-source software libraries and tools designed to enable containerized applications to leverage NVIDIA GPUs for accelerated computing. It's a great way to deploy and manage GPU-accelerated applications within Docker containers.

However, they recently announced a relatively unknown type of vulnerability called Time-of-Check Time-of-Use (TOCTOU) vulnerability, which enables a malicious container image to potentially gain unauthorized access to the host system's filesystem. Read on to learn more about this type of vulnerability and the impact of this highly critical exploit.

You'll also learn about several security bugs found in the Mozilla Firefox web browser prior to version 135 that threaten data privacy.

If you found value in today’s newsletter, please share it with your friends! Do you have a Linux security-related topic you'd like to cover for our audience? We welcome contributions from passionate, insightful community members who share our love for Linux and security!

Stay safe out there,

Dv Signature Newsletter 2024 Esm W150

Dave Wreski

LinuxSecurity Founder

Nvidia Container Toolkit/GPU Operator 

The Discovery 

Nvidia recently disclosed a critical Time-of-Check Time-of-Use (TOCTOU) vulnerability in their Linux Container Toolkit up to version 1.17.3 and GPU Operator up to version 24.9.1 (CVE-2025-23359).

Nvidia Esm W300

The Impact

These flaws allow malicious actors to execute unauthorized code, disrupt services, escalate privileges, and access or tamper with sensitive data.

 The Fix

Nvidia has released updates addressing this bug. Impacted admins and users should upgrade to Nvidia Container Toolkit version 1.17.4 or later as soon as possible and GPU Operator version 24.9.2 or later.

Your Related Advisories:

[distro_list_1]

Firefox

The Discovery 

Several significant security bugs have been found in the Mozilla Firefox web browser prior to version 135.

Firefox Esm W186

The Impact

These flaws could result in severe privacy leaks.

 The Fix

Firefox 135 has been released to mitigate these issues. We strongly recommend that all impacted users update now to protect their security and privacy online.

Your Related Advisories:

[distro_list_2]