First published: Fri Mar 11 2022(Updated: )
NVIDIA distributions of Jetson Linux contain a vulnerability where an error in the IOMMU configuration may allow an unprivileged attacker with physical access to the board direct read/write access to the entire system address space through the PCI bus. Such an attack could result in denial of service, code execution, escalation of privileges, and impact to data integrity and confidentiality. The scope impact may extend to other components.
Credit: psirt@nvidia.com psirt@nvidia.com
Affected Software | Affected Version | How to fix |
---|---|---|
NVIDIA Jetson Linux | >=32.1<32.7.1 | |
Nvidia Jetson Nano | ||
Nvidia Jetson Nano 2gb | ||
All of | ||
NVIDIA Jetson Linux | >=32.1<32.7.1 | |
Any of | ||
Nvidia Jetson Nano | ||
Nvidia Jetson Nano 2gb |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2022-21819.
The severity of CVE-2022-21819 is high with a CVSS score of 7.6.
NVIDIA Jetson Linux versions between 32.1 and 32.7.1 are affected by CVE-2022-21819.
An unprivileged attacker with physical access to the board can exploit CVE-2022-21819 to gain direct read/write access to the entire system address space through the PCI bus.
Upgrade to a version of NVIDIA Jetson Linux that is not affected by CVE-2022-21819.