First published: Wed Apr 27 2022(Updated: )
NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot module tegrabl_cbo.c, where insufficient validation of untrusted data may allow a local attacker with elevated privileges to cause a memory buffer overflow, which may lead to code execution, loss of integrity, limited denial of service, and some impact to confidentiality.
Credit: psirt@nvidia.com
Affected Software | Affected Version | How to fix |
---|---|---|
NVIDIA Jetson Linux | <32.7.2 | |
NVIDIA Jetson AGX Xavier | ||
Nvidia Jetson Xavier Nx |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this security issue is CVE-2022-28193.
The title of this vulnerability is 'NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot module tegrabl_cbo.c.'
The affected software is NVIDIA Jetson Linux Driver Package versions up to and excluding 32.7.2.
The severity of CVE-2022-28193 is medium (CVSS score of 5.6).
This vulnerability can be exploited by a local attacker with elevated privileges who can cause a memory buffer overflow, leading to code execution, loss of integrity, and limited denial of service.