Vulnerabilities (CVE)

Filtered by vendor Nvidia Subscribe
Filtered by product Jetson Linux
Total 45 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-25520 1 Nvidia 5 Jetson Agx Xavier, Jetson Linux, Jetson Tx2 and 2 more 2023-12-10 N/A 5.5 MEDIUM
NVIDIA Jetson Linux Driver Package contains a vulnerability in nvbootctrl, where a privileged local attacker can configure invalid settings, resulting in denial of service.
CVE-2023-25518 1 Nvidia 3 Jetson Agx Xavier, Jetson Linux, Jetson Xavier Nx 2023-12-10 N/A 6.8 MEDIUM
NVIDIA Jetson contains a vulnerability in CBoot, where the PCIe controller is initialized without IOMMU, which may allow an attacker with physical access to the target device to read and write to arbitrary memory. A successful exploit of this vulnerability may lead to code execution, denial of service, information disclosure, and loss of integrity.
CVE-2022-42269 1 Nvidia 14 Jetson Agx Xavier, Jetson Agx Xavier 16gb, Jetson Agx Xavier 32gb and 11 more 2023-12-10 N/A 7.9 HIGH
NVIDIA Trusted OS contains a vulnerability in an SMC call handler, where failure to validate untrusted input may allow a highly privileged local attacker to cause information disclosure and compromise integrity. The scope of the impact can extend to other components.
CVE-2022-42270 1 Nvidia 9 Jetson Agx Xavier, Jetson Agx Xavier 16gb, Jetson Agx Xavier 32gb and 6 more 2023-12-10 N/A 7.8 HIGH
NVIDIA distributions of Linux contain a vulnerability in nvdla_emu_task_submit, where unvalidated input may allow a local attacker to cause stack-based buffer overflow in kernel code, which may lead to escalation of privileges, compromised integrity and confidentiality, and denial of service.
CVE-2022-28197 1 Nvidia 3 Jetson Agx Xavier, Jetson Linux, Jetson Xavier Nx 2023-12-10 4.4 MEDIUM 5.0 MEDIUM
NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot ext4_mount function, where Insufficient validation of untrusted data may allow a highly privileged local attacker to cause an integer overflow. This difficult-to-exploit vulnerability may lead to code execution, escalation of privileges, limited denial of service, and some impact to confidentiality and integrity. The scope of impact can extend to other components.
CVE-2022-28194 1 Nvidia 3 Jetson Agx Xavier, Jetson Linux, Jetson Xavier Nx 2023-12-10 4.4 MEDIUM 5.6 MEDIUM
NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot module tegrabl_cbo.c, where, if TFTP is enabled, a local attacker with elevated privileges can cause a memory buffer overflow, which may lead to code execution, loss of Integrity, limited denial of service, and some impact to confidentiality.
CVE-2022-28195 1 Nvidia 3 Jetson Agx Xavier, Jetson Linux, Jetson Xavier Nx 2023-12-10 4.6 MEDIUM 5.7 MEDIUM
NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot ext4_read_file function, where insufficient validation of untrusted data may allow a highly privileged local attacker to cause a integer overflow, which may lead to code execution, escalation of privileges, limited denial of service, and some impact to confidentiality and integrity. The scope of impact can extend to other components.
CVE-2022-28196 1 Nvidia 5 Jetson Agx Xavier, Jetson Linux, Jetson Tx2 and 2 more 2023-12-10 3.6 LOW 4.6 MEDIUM
NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot blob_decompress function, where insufficient validation of untrusted data may allow a local attacker with elevated privileges to cause a memory buffer overflow, which may lead to code execution, limited loss of Integrity, and limited denial of service. The scope of impact can extend to other components.
CVE-2022-21819 1 Nvidia 3 Jetson Linux, Jetson Nano, Jetson Nano 2gb 2023-12-10 4.6 MEDIUM 7.6 HIGH
NVIDIA distributions of Jetson Linux contain a vulnerability where an error in the IOMMU configuration may allow an unprivileged attacker with physical access to the board direct read/write access to the entire system address space through the PCI bus. Such an attack could result in denial of service, code execution, escalation of privileges, and impact to data integrity and confidentiality. The scope impact may extend to other components.
CVE-2022-28193 1 Nvidia 3 Jetson Agx Xavier, Jetson Linux, Jetson Xavier Nx 2023-12-10 4.6 MEDIUM 5.6 MEDIUM
NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot module tegrabl_cbo.c, where insufficient validation of untrusted data may allow a local attacker with elevated privileges to cause a memory buffer overflow, which may lead to code execution, loss of integrity, limited denial of service, and some impact to confidentiality.
CVE-2021-1109 1 Nvidia 8 Jetson Agx Xavier, Jetson Linux, Jetson Nano and 5 more 2023-12-10 3.3 LOW 6.3 MEDIUM
NVIDIA camera firmware contains a multistep, timing-related vulnerability where an unauthorized modification by camera resources may result in loss of data integrity or denial of service across several streams.
CVE-2021-34377 1 Nvidia 9 Jetson Agx Xavier 16gb, Jetson Agx Xavier 32gb, Jetson Agx Xavier 8gb and 6 more 2023-12-10 4.6 MEDIUM 6.7 MEDIUM
Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 9 is missing. Improper restriction of operations within the bounds of a memory buffer might lead to escalation of privileges, information disclosure, and denial of service.
CVE-2021-34392 1 Nvidia 2 Jetson Linux, Jetson Tx1 2023-12-10 2.1 LOW 5.5 MEDIUM
Trusty TLK contains a vulnerability in the NVIDIA TLK kernel where an integer overflow in the tz_map_shared_mem function can bypass boundary checks, which might lead to denial of service.
CVE-2021-1110 1 Nvidia 3 Jetson Agx Xavier, Jetson Linux, Jetson Xavier Nx 2023-12-10 6.6 MEDIUM 7.1 HIGH
NVIDIA Linux kernel distributions on Jetson Xavier contain a vulnerability in camera firmware where a user can change input data after validation, which may lead to complete denial of service and serious data corruption of all kernel components.
CVE-2021-1108 1 Nvidia 10 Jetson Agx Xavier, Jetson Linux, Jetson Nano and 7 more 2023-12-10 4.6 MEDIUM 7.3 HIGH
NVIDIA Linux kernel distributions contain a vulnerability in FuSa Capture (VI/ISP), where integer underflow due to lack of input validation may lead to complete denial of service, partial integrity, and serious confidentiality loss for all processes in the system.
CVE-2021-34378 1 Nvidia 9 Jetson Agx Xavier 16gb, Jetson Agx Xavier 32gb, Jetson Agx Xavier 8gb and 6 more 2023-12-10 4.6 MEDIUM 6.7 MEDIUM
Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 11 is missing. Improper restriction of operations within the bounds of a memory buffer might lead to information disclosure, denial of service, or escalation of privileges.
CVE-2021-34382 1 Nvidia 2 Jetson Linux, Jetson Tx1 2023-12-10 4.6 MEDIUM 7.8 HIGH
Trusty TLK contains a vulnerability in the NVIDIA TLK kernel’s tz_map_shared_mem function where an integer overflow on the size parameter causes the request buffer and the logging buffer to overflow, allowing writes to arbitrary addresses within the kernel.
CVE-2021-1112 1 Nvidia 8 Jetson Agx Xavier, Jetson Linux, Jetson Nano and 5 more 2023-12-10 4.9 MEDIUM 5.5 MEDIUM
NVIDIA Linux kernel distributions contain a vulnerability in nvmap, where a null pointer dereference may lead to complete denial of service.
CVE-2021-34384 1 Nvidia 9 Jetson Agx Xavier 16gb, Jetson Agx Xavier 32gb, Jetson Agx Xavier 8gb and 6 more 2023-12-10 4.6 MEDIUM 7.8 HIGH
Bootloader contains a vulnerability in NVIDIA MB2 where a potential heap overflow could cause memory corruption, which might lead to denial of service or code execution.
CVE-2021-34374 1 Nvidia 9 Jetson Agx Xavier 16gb, Jetson Agx Xavier 32gb, Jetson Agx Xavier 8gb and 6 more 2023-12-10 4.6 MEDIUM 6.7 MEDIUM
Trusty contains a vulnerability in command handlers where the length of input buffers is not verified. This vulnerability can cause memory corruption, which may lead to information disclosure, escalation of privileges, and denial of service.