PoC details: 120fad43f48142b5070bb39e8f17f493ae027c66

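Source
Related vulnerability
Title: Nvidia GPU Display Driver for Linux information disclosure vulnerability (CVE-2021-1056)
Description: Nvidia GPU Display Driver for Linux is driver software from the US company NVIDIA that provides interaction support for the graphics card display module on Linux systems. All versions of NVIDIA GPU Display Driver for Linux contain a security vulnerability: the driver does not completely honor operating system file system permissions to provide GPU device-level isolation, which may lead to denial of service or information disclosure.
Description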
PoC for CVE-2021-1056, related to GPU Container Security
Introduction
# CVE-2021-1056
![LICENSE](https://img.shields.io/github/license/pokerfaceSad/CVE-2021-1056) 

[CVE-2021-1056](https://ubuntu.com/security/CVE-2021-1056) is a vulnerability I submitted to NVIDIA PSIRT. Personally, I think it may lead to high security risks in multi-tenant HPC clusters, especially in cloud machine-learning platforms.

This repository simply demonstrates the vulnerability on GPU containers created by [`nvidia-container-runtime`](https://github.com/NVIDIA/nvidia-container-runtime).



## How it works

By creating specific character device files, an attacker in a GPU container (a container created by `nvidia-container-runtime`) is able to get access to all GPU devices on the host.

It also works on GPU pods created by `k8s-device-plugin` on a Kubernetes cluster.



## Prerequisite

* Docker 19.03
* `nvidia-container-toolkit`

* NVIDIA Driver 418.87.01 / 450.51.05
* NVIDIA GPU Tesla V100 / TITAN V / Tesla K80

NOTE: Only a few test environments are listed here, but according to the [NVIDIA Security Bulletin](https://nvidia.custhelp.com/app/answers/detail/a_id/5142), this vulnerability affects all GeForce, NVIDIA RTX/Quadro, NVS and Tesla series GPUs and all driver versions.



## QuickStart

See [QuickStart.md](docs/QuickStart.md)



## How to prevent

Recommended

* Refer to the [NVIDIA Security Bulletin](https://nvidia.custhelp.com/app/answers/detail/a_id/5142) to update the NVIDIA GPU driver

Or

* Add the argument `--cap-drop MKNOD` to `docker run` to forbid `mknod` in containers
* Enable `security context` in Kubernetes clusters when creating a pod
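
To confirm that the `--cap-drop MKNOD` mitigation is in effect on a host, the following added example (not code from this repository) audits `docker inspect` JSON for GPU containers that still hold the `MKNOD` capability and decodes a `CapEff` mask from `/proc/<pid>/status`. The capability merge rules and the GPU-container heuristic are assumptions of this sketch, and the sample data is constructed.

```python
import json

CAP_MKNOD_BIT = 27  # CAP_MKNOD in <linux/capability.h>

def _norm(caps):
    """Normalise capability names: 'cap_mknod' -> 'MKNOD'."""
    names = {c.upper() for c in (caps or [])}
    return {n[4:] if n.startswith("CAP_") else n for n in names}

def retains_mknod(host_config):
    """Assumed model of how Docker merges CapAdd/CapDrop with its default
    capability set, which includes MKNOD."""
    if host_config.get("Privileged"):
        return True
    add = _norm(host_config.get("CapAdd"))
    drop = _norm(host_config.get("CapDrop"))
    if "ALL" in add:
        return "MKNOD" not in drop
    if "ALL" in drop:
        return "MKNOD" in add
    return "MKNOD" in add or "MKNOD" not in drop

def is_gpu_container(host_config):
    """Heuristic (assumption): nvidia runtime or a --gpus device request."""
    return (host_config.get("Runtime") == "nvidia"
            or bool(host_config.get("DeviceRequests")))

def capeff_has_mknod(cap_hex):
    """Test a CapEff/CapBnd hex mask taken from /proc/<pid>/status."""
    return bool((int(cap_hex, 16) >> CAP_MKNOD_BIT) & 1)

def audit(inspect_json):
    """Names of GPU containers in `docker inspect` output that keep MKNOD."""
    return [c["Name"].lstrip("/") for c in json.loads(inspect_json)
            if is_gpu_container(c["HostConfig"]) and retains_mknod(c["HostConfig"])]

# Constructed sample, trimmed to the fields the audit reads.
SAMPLE = json.dumps([
    {"Name": "/train-a", "HostConfig": {"Runtime": "nvidia"}},
    {"Name": "/train-b", "HostConfig": {"Runtime": "nvidia", "CapDrop": ["MKNOD"]}},
    {"Name": "/train-c", "HostConfig": {"Runtime": "runc", "CapDrop": ["ALL"],
        "CapAdd": ["CAP_MKNOD"], "DeviceRequests": [{"Capabilities": [["gpu"]]}]}},
    {"Name": "/web", "HostConfig": {"Runtime": "runc"}},
])

if __name__ == "__main__":
    print("GPU containers that can still mknod:", audit(SAMPLE))
    print("CapEff a80425fb keeps MKNOD:", capeff_has_mknod("00000000a80425fb"))
```

On a live host, pass the output of `docker inspect` for the running containers to `audit()` instead of `SAMPLE`.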



## License

This project is licensed under the MIT License.



## Issues and Contributing

Feel free to submit [Issues](https://github.com/pokerfaceSad/CVE-2021-1056/issues/new) and [Pull Requests](https://github.com/pokerfaceSad/CVE-2021-1056/pulls) if you have any problems.

File snapshot

```
[4.0K] /data/pocs/120fad43f48142b5070bb39e8f17f493ae027c66
├── [4.0K] docs
│   └── [7.3K] QuickStart.md
├── [1.0K] LICENSE
├── [1.2K] main.sh
├── [1.8K] README.md
├── [3.7K] tf_distr_demo.py
└── [ 196] util.sh

1 directory, 6 files
```