All the vulnerabilites related to nvidia - jetson_tx1_l4t
cve-2024-0108
Vulnerability from cvelistv5
Published
2024-08-08 16:18
Modified
2024-08-09 15:48
Severity ?
EPSS score ?
Summary
NVIDIA Jetson Linux contains a vulnerability in NvGPU where error handling paths in GPU MMU mapping code fail to clean up a failed mapping attempt. A successful exploit of this vulnerability may lead to denial of service, code execution, and escalation of privileges.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | NVIDIA | NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson TX1, Jetson Nano series |
Version: All versions prior to and including 32.7.4 |
|
|
|||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:nvidia:jetson_agx_xavier:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "jetson_agx_xavier",
"vendor": "nvidia",
"versions": [
{
"lessThanOrEqual": "32.7.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "jetson_xavier_nx",
"vendor": "nvidia",
"versions": [
{
"lessThanOrEqual": "32.7.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "jetson_tx2",
"vendor": "nvidia",
"versions": [
{
"lessThanOrEqual": "32.7.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "jetson_tx2_nx",
"vendor": "nvidia",
"versions": [
{
"lessThanOrEqual": "32.7.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "jetson_tx1",
"vendor": "nvidia",
"versions": [
{
"lessThanOrEqual": "32.7.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:nvidia:jetson_nano:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "jetson_nano",
"vendor": "nvidia",
"versions": [
{
"lessThanOrEqual": "32.7.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0108",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-09T15:37:53.668854Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-09T15:48:50.071Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Jetson Linux"
],
"product": "NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson TX1, Jetson Nano series",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions prior to and including 32.7.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNVIDIA Jetson Linux contains a vulnerability in NvGPU where error handling paths in GPU MMU mapping code fail to clean up a failed mapping attempt. A successful exploit of this vulnerability may lead to denial of service, code execution, and escalation of privileges.\u003c/span\u003e"
}
],
"value": "NVIDIA Jetson Linux contains a vulnerability in NvGPU where error handling paths in GPU MMU mapping code fail to clean up a failed mapping attempt. A successful exploit of this vulnerability may lead to denial of service, code execution, and escalation of privileges."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service, code execution, escalation of privileges"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-755",
"description": "CWE-755 Improper Handling of Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-08T16:18:27.914Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5555"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2024-0108",
"datePublished": "2024-08-08T16:18:27.914Z",
"dateReserved": "2023-12-02T00:42:18.437Z",
"dateUpdated": "2024-08-09T15:48:50.071Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2024-08-08 17:15
Modified
2024-09-16 19:27
Severity ?
8.7 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L
8.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Summary
NVIDIA Jetson Linux contains a vulnerability in NvGPU where error handling paths in GPU MMU mapping code fail to clean up a failed mapping attempt. A successful exploit of this vulnerability may lead to denial of service, code execution, and escalation of privileges.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@nvidia.com | https://nvidia.custhelp.com/app/answers/detail/a_id/5555 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C62FF93F-21E6-41E4-A82C-07AC7DC7951E",
"versionEndExcluding": "32.7.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DD3D2AA-2A9F-470D-BB0F-A7B7C2EC2490",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0E081CB-B6EC-42DC-BA04-BCA13C17D190",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F92D471-8E65-41FC-A5DE-255136F6F989",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_64gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B51F666B-F3ED-4CF3-B48E-B39BDE1C2579",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E29459F7-997A-4B87-9164-6E3B5158ADC3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_industrial:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C7C6B22-EBD3-4465-9852-4A4844AA714A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_nano:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B2B041F-21A8-4F0B-BBAF-7CDD8B911547",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_nano:-:*:-:*:*:*:*:*",
"matchCriteriaId": "9244F123-8518-4D81-AD26-5695F27F413B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_nano:-:*:developer_kit:*:*:*:*:*",
"matchCriteriaId": "80BF53A0-8FDF-4827-9C00-ED082C4A68C7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_nano_2gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52E153CA-BE89-4C66-8B72-8901BF592423",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86D1FDAD-C594-43D9-9BF6-F7461177AB91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx1_l4t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F08A43AD-CA33-4EA7-9456-C7BDE622FD05",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71994F94-5279-4107-99F5-48990AE0C686",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64C3FB58-08AA-4FE4-97BE-21B254BA229F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DF55ABB-1B4F-452E-9D84-C01A638F88A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0AA5976-FD71-4A53-BD4F-D342E871FEB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:developer_kit:*:*:*:*:*",
"matchCriteriaId": "3E54B955-F0E2-44BD-9B8C-3C788BBCF2A9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:production:*:*:*:*:*",
"matchCriteriaId": "3E0C93C3-26F6-48E4-BADA-4DB05A7BA9D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx_16gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A36028A3-EE83-4158-9039-5C6C795FA048",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA Jetson Linux contains a vulnerability in NvGPU where error handling paths in GPU MMU mapping code fail to clean up a failed mapping attempt. A successful exploit of this vulnerability may lead to denial of service, code execution, and escalation of privileges."
},
{
"lang": "es",
"value": "NVIDIA Jetson Linux contiene una vulnerabilidad en NvGPU donde las rutas de manejo de errores en el c\u00f3digo de mapeo de GPU MMU no logran limpiar un intento fallido de mapeo. Una explotaci\u00f3n exitosa de esta vulnerabilidad puede provocar denegaci\u00f3n de servicio, ejecuci\u00f3n de c\u00f3digo y escalada de privilegios."
}
],
"id": "CVE-2024-0108",
"lastModified": "2024-09-16T19:27:19.833",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.0,
"impactScore": 6.0,
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.0,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-08-08T17:15:18.473",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5555"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-755"
}
],
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-755"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}