Improper Input Validation in NVIDIA Jetson AGX Orin and IGX Orin Software
CVE-2024-0112

7.5HIGH

Key Information:

Vendor: Nvidia
Status: Jetson Agx Orin Series (including Jetson Orin Nx Series, Jetson Orin Nano Series); Igx Orin
Vendor: CVE Published:; 12 February 2025

Summary

NVIDIA Jetson AGX Orin and NVIDIA IGX Orin software are susceptible to a vulnerability that arises from improper input validation. Attackers may exploit this flaw to escalate permissions to a limited extent, leading to potential consequences such as unauthorized code execution, service interruptions, data corruption, and unauthorized data access. Organizations utilizing these systems should remain vigilant and implement appropriate security measures to mitigate risks associated with this vulnerability.

Affected Version(s)

IGX Orin IGX OS All versions prior to IGX 1.1

Jetson AGX Orin series (including Jetson Orin NX series, Jetson Orin Nano series) Jetson Linux All versions prior to 36.4

Jetson AGX Orin series (including Jetson Orin NX series, Jetson Orin Nano series) Jetson Linux All versions prior to 35.6

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5611

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Feb 12, 2025