CVE-2018-6242: Buffer Overflow
First published: Tue Apr 24 2018(Updated: )
Some NVIDIA Tegra mobile processors released prior to 2016 contain a buffer overflow vulnerability in BootROM Recovery Mode (RCM). An attacker with physical access to the device's USB and the ability to force the device to reboot into RCM could exploit the vulnerability to execute unverified code.
Credit: psirt@nvidia.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Nvidia Tegra Bootrom Rcm | ||
| NVIDIA Tegra mobile processor |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2018-6242?
CVE-2018-6242 is classified as a critical vulnerability due to its potential for unauthorized code execution with physical access.
How do I fix CVE-2018-6242?
To mitigate CVE-2018-6242, ensure that your device firmware is updated to the latest version provided by NVIDIA.
Who is affected by CVE-2018-6242?
CVE-2018-6242 affects some NVIDIA Tegra mobile processors released prior to 2016.
Can CVE-2018-6242 be exploited remotely?
No, CVE-2018-6242 requires physical access to the device, making remote exploitation impractical.
What can an attacker achieve by exploiting CVE-2018-6242?
Exploitation of CVE-2018-6242 allows attackers to execute unverified code on the affected NVIDIA Tegra device.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/last-modified-date
- agent/references
- agent/severity
- agent/author
- agent/description
- agent/first-publish-date
- agent/tags
- agent/event
- agent/source
- vendor/nvidia
- canonical/nvidia tegra bootrom rcm
- canonical/nvidia tegra mobile processor