NVIDIA Jetson Linux Vulnerability Allows Denial of Service, Code Execution, and Privilege Escalation

CVE-2024-0108

8.8HIGH

Key Information

Vendor: Nvidia
Status: Nvidia Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Tx2 Series, Jetson Tx2 Nx, Jetson Tx1, Jetson Nano Series
Vendor: CVE Published:; 8 August 2024

Summary

NVIDIA Jetson Linux contains a vulnerability in NvGPU where error handling paths in GPU MMU mapping code fail to clean up a failed mapping attempt. A successful exploit of this vulnerability may lead to denial of service, code execution, and escalation of privileges.

Affected Version(s)

NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson TX1, Jetson Nano series = All versions prior to and including 32.7.4

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published.
Aug 8, 2024
Vulnerability Reserved.
Dec 2, 2023

Collectors

NVD DatabaseMitre Database