Description
After upgrading to NVIDIA GPU Operator v25.3.2, the bundled nvcr.io/nvidia/k8s-device-plugin:v0.17.2-ubi9 image has multiple security vulnerabilities in critical system libraries.
Vulnerabilities

glib2
- CVE: CVE-2024-52533
- Severity: Medium
- Installed version: 2.68.4-14.el9_4.1
- Fixed version: 2.68.4-16.el9_6.2
- Description: Buffer overflow in set_connect_msg()

glibc
- CVE: CVE-2025-4802
- Severity: Medium
- Installed version: 2.34-125.el9_5.8
- Fixed version: 2.34-168.el9_6.19
- Description: Static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH

libxml2
a) CVE-2025-49794
- Severity: High
- Installed version: 2.9.13-6.el9_5.2
- Fixed version: 2.9.13-10.el9_6
- Description: Heap use-after-free (UAF) leads to Denial of Service (DoS)
- Reference: https://avd.aquasec.com/nvd/cve-2025-49794
b) CVE-2025-49796
- Installed version: same as above
- Fixed version: same as above
- Description: Type confusion leads to Denial of Service (DoS)
c) CVE-2025-6021
- Installed version: 2.9.13-6.el9_5.2
- Fixed version: 2.9.13-10.el9_6
- Description: Integer overflow in xmlBuildQName() leads to stack buffer overflow
Steps to Reproduce
- docker pull nvcr.io/nvidia/k8s-device-plugin:v0.17.2-ubi9
- Scan the image using your preferred scanner (Trivy).
- Observe reported vulnerabilities for glib2, glibc, and libxml2.
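The reproduction above ends with reading the scanner's output by eye. As an added example (not part of this issue or the device-plugin project), the script below turns that step into a CI gate: it walks a Trivy JSON report, compares each installed RPM version against the vendor fix with a simplified rpmvercmp (epoch, tilde and numeric-vs-alpha rules; the newer `^` operator is not handled), and returns the findings still below the fixed version. The report is a constructed sample in Trivy's JSON layout, holding only the five findings listed in this issue.

```python
import re
_TOKEN = re.compile(r"[0-9]+|[a-zA-Z]+|~")

def _seg_cmp(a: str, b: str) -> int:
    """Simplified rpmvercmp: ints compare numerically, numbers beat letters, tilde sorts first."""
    ta, tb = _TOKEN.findall(a), _TOKEN.findall(b)
    for x, y in zip(ta, tb):
        if x == y:
            continue
        if "~" in (x, y):
            return -1 if x == "~" else 1
        if x.isdigit() and y.isdigit():
            return (int(x) > int(y)) - (int(x) < int(y))
        if x.isdigit() or y.isdigit():
            return 1 if x.isdigit() else -1
        return (x > y) - (x < y)
    if len(ta) == len(tb):
        return 0
    # Extra trailing tokens make a version newer, unless they start with a tilde.
    longer, sign = (ta, 1) if len(ta) > len(tb) else (tb, -1)
    return -sign if longer[min(len(ta), len(tb))] == "~" else sign

def rpm_evr_cmp(a: str, b: str) -> int:
    """Compare two RPM EVR strings ([epoch:]version[-release]); returns -1, 0 or 1."""
    def split(evr):
        epoch, sep, rest = evr.partition(":")
        version, _, release = (rest if sep else evr).partition("-")
        return int(epoch) if sep else 0, version, release
    (ea, va, ra), (eb, vb, rb) = split(a), split(b)
    return (ea > eb) - (ea < eb) or _seg_cmp(va, vb) or _seg_cmp(ra, rb)

def unfixed_findings(report: dict) -> list[tuple[str, str, str, str]]:
    """Return (package, CVE, installed, fixed) for findings still below the vendor fix."""
    out = []
    for result in report.get("Results", []):
        for v in result.get("Vulnerabilities", []):
            fixed = v.get("FixedVersion")  # absent when no fix exists yet: cannot gate on it
            if fixed and rpm_evr_cmp(v["InstalledVersion"], fixed) < 0:
                out.append((v["PkgName"], v["VulnerabilityID"], v["InstalledVersion"], fixed))
    return out

# Constructed sample in Trivy's JSON layout, holding only the findings listed in this issue.
_LIBXML2 = [{"VulnerabilityID": cve, "PkgName": "libxml2", "InstalledVersion": "2.9.13-6.el9_5.2",
             "FixedVersion": "2.9.13-10.el9_6"} for cve in ("CVE-2025-49794", "CVE-2025-49796", "CVE-2025-6021")]
SAMPLE_REPORT = {"Results": [{"Target": "nvcr.io/nvidia/k8s-device-plugin:v0.17.2-ubi9", "Vulnerabilities": [
    {"VulnerabilityID": "CVE-2024-52533", "PkgName": "glib2",
     "InstalledVersion": "2.68.4-14.el9_4.1", "FixedVersion": "2.68.4-16.el9_6.2"},
    {"VulnerabilityID": "CVE-2025-4802", "PkgName": "glibc",
     "InstalledVersion": "2.34-125.el9_5.8", "FixedVersion": "2.34-168.el9_6.19"}] + _LIBXML2}]}
```

Feed it `trivy image --format json` output instead of `SAMPLE_REPORT` and fail the pipeline when the returned list is non-empty; once the image is rebuilt with the versions listed under Expected Behavior, all five entries drop out.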
Expected Behavior
The image should be rebuilt with:
glib2 ≥ 2.68.4-16.el9_6.2
glibc ≥ 2.34-168.el9_6.19
libxml2 ≥ 2.9.13-10.el9_6 (which includes patches for CVE-2025-49794 / 49796 / 6021)
Actual Behavior
The image is currently built with:
glib2 2.68.4-14.el9_4.1 (vulnerable)
glibc 2.34-125.el9_5.8 (vulnerable)
libxml2 2.9.13-6.el9_5.2 (vulnerable)