Memory Buffer Overflow Vulnerability in NVIDIA Jetson Linux Driver Package
CVE-2022-28193

5.6MEDIUM

Key Information:

Vendor
Nvidia
Status
Jetson Agx Xavier Series, Jetson Xavier Nx
Vendor
CVE Published:
27 April 2022

Summary

The NVIDIA Jetson Linux Driver Package is affected by a vulnerability in the Cboot module within the tegrabl_cbo.c file, where insufficient validation of untrusted data can lead to a memory buffer overflow. This flaw may allow a local attacker with elevated privileges to execute arbitrary code, potentially compromising system integrity and confidentiality, while also enabling limited denial of service scenarios.

Affected Version(s)

Jetson AGX Xavier series, Jetson Xavier NX All 32.x versions prior to 32.7.2

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5343
x_refsource_MISC

CVSS V3.1

Score:
5.6
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
High
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.