CVE-2022-42269

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2022-42269
NVIDIA Trusted OS contains a vulnerability in an SMC call handler, where failure to validate untrusted input may allow a highly privileged local attacker to cause information disclosure and compromise integrity. The scope of the impact can extend to other components.

7.9 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.5 / Impact : 5.8

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope CHANGED

References
Link Resource
https://nvidia.custhelp.com/app/answers/detail/a_id/5417 Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*
OR cpe:2.3:h:nvidia:jetson_agx_xavier:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_agx_xavier_64gb:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_agx_xavier_industrial:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_xavier_nx_16gb:-:*:*:*:*:*:*:*
History

09 Jan 2023, 19:54

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 7.9
First Time Nvidia
Nvidia jetson Tx2 Nx
Nvidia jetson Linux
Nvidia jetson Agx Xavier 16gb
Nvidia jetson Agx Xavier
Nvidia jetson Xavier Nx 16gb
Nvidia jetson Agx Xavier 64gb
Nvidia jetson Tx2 4gb
Nvidia jetson Tx2i
Nvidia jetson Agx Xavier Industrial
Nvidia jetson Xavier Nx
Nvidia jetson Agx Xavier 32gb
Nvidia jetson Tx1
Nvidia jetson Agx Xavier 8gb
Nvidia jetson Tx2
CWE CWE-20
CPE cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*
cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_xavier_nx_16gb:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_agx_xavier:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_agx_xavier_64gb:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_agx_xavier_industrial:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*
References (MISC) https://nvidia.custhelp.com/app/answers/detail/a_id/5417 - (MISC) https://nvidia.custhelp.com/app/answers/detail/a_id/5417 - Vendor Advisory

30 Dec 2022, 23:15

Type Values Removed Values Added
New CVE
Information

Published : 2022-12-30 23:15

Updated : 2023-12-10 14:48

NVD link : CVE-2022-42269

Mitre link : CVE-2022-42269

CVE.ORG link : CVE-2022-42269

JSON object : View

Products Affected

nvidia

  • jetson_tx2
  • jetson_agx_xavier_32gb
  • jetson_xavier_nx
  • jetson_agx_xavier_industrial
  • jetson_tx1
  • jetson_tx2_4gb
  • jetson_agx_xavier_16gb
  • jetson_agx_xavier
  • jetson_agx_xavier_64gb
  • jetson_tx2i
  • jetson_xavier_nx_16gb
  • jetson_agx_xavier_8gb
  • jetson_linux
  • jetson_tx2_nx
CWE
CWE-20

Improper Input Validation