CVE-2024-0108 (GCVE-0-2024-0108)
Vulnerability from cvelistv5 – Published: 2024-08-08 16:18 – Updated: 2024-08-09 15:48
VLAI?
Summary
NVIDIA Jetson Linux contains a vulnerability in NvGPU where error handling paths in GPU MMU mapping code fail to clean up a failed mapping attempt. A successful exploit of this vulnerability may lead to denial of service, code execution, and escalation of privileges.
Severity ?
8.7 (High)
CWE
- CWE-755 - Improper Handling of Exceptional Conditions
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson TX1, Jetson Nano series |
Affected:
All versions prior to and including 32.7.4
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:nvidia:jetson_agx_xavier:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "jetson_agx_xavier",
"vendor": "nvidia",
"versions": [
{
"lessThanOrEqual": "32.7.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "jetson_xavier_nx",
"vendor": "nvidia",
"versions": [
{
"lessThanOrEqual": "32.7.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "jetson_tx2",
"vendor": "nvidia",
"versions": [
{
"lessThanOrEqual": "32.7.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "jetson_tx2_nx",
"vendor": "nvidia",
"versions": [
{
"lessThanOrEqual": "32.7.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "jetson_tx1",
"vendor": "nvidia",
"versions": [
{
"lessThanOrEqual": "32.7.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:nvidia:jetson_nano:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "jetson_nano",
"vendor": "nvidia",
"versions": [
{
"lessThanOrEqual": "32.7.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0108",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-09T15:37:53.668854Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-09T15:48:50.071Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Jetson Linux"
],
"product": "NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson TX1, Jetson Nano series",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions prior to and including 32.7.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNVIDIA Jetson Linux contains a vulnerability in NvGPU where error handling paths in GPU MMU mapping code fail to clean up a failed mapping attempt. A successful exploit of this vulnerability may lead to denial of service, code execution, and escalation of privileges.\u003c/span\u003e"
}
],
"value": "NVIDIA Jetson Linux contains a vulnerability in NvGPU where error handling paths in GPU MMU mapping code fail to clean up a failed mapping attempt. A successful exploit of this vulnerability may lead to denial of service, code execution, and escalation of privileges."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service, code execution, escalation of privileges"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-755",
"description": "CWE-755 Improper Handling of Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-08T16:18:27.914Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5555"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2024-0108",
"datePublished": "2024-08-08T16:18:27.914Z",
"dateReserved": "2023-12-02T00:42:18.437Z",
"dateUpdated": "2024-08-09T15:48:50.071Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"32.7.5\", \"matchCriteriaId\": \"C62FF93F-21E6-41E4-A82C-07AC7DC7951E\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:jetson_agx_xavier:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5DD3D2AA-2A9F-470D-BB0F-A7B7C2EC2490\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E0E081CB-B6EC-42DC-BA04-BCA13C17D190\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4F92D471-8E65-41FC-A5DE-255136F6F989\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:jetson_agx_xavier_64gb:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B51F666B-F3ED-4CF3-B48E-B39BDE1C2579\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E29459F7-997A-4B87-9164-6E3B5158ADC3\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:jetson_agx_xavier_industrial:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3C7C6B22-EBD3-4465-9852-4A4844AA714A\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:jetson_nano:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2B2B041F-21A8-4F0B-BBAF-7CDD8B911547\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:jetson_nano:-:*:-:*:*:*:*:*\", \"matchCriteriaId\": \"9244F123-8518-4D81-AD26-5695F27F413B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:jetson_nano:-:*:developer_kit:*:*:*:*:*\", \"matchCriteriaId\": \"80BF53A0-8FDF-4827-9C00-ED082C4A68C7\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:jetson_nano_2gb:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"52E153CA-BE89-4C66-8B72-8901BF592423\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"86D1FDAD-C594-43D9-9BF6-F7461177AB91\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:jetson_tx1_l4t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F08A43AD-CA33-4EA7-9456-C7BDE622FD05\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DE9D4A55-A232-4AF2-B7E9-CD58D7D17479\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"71994F94-5279-4107-99F5-48990AE0C686\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"64C3FB58-08AA-4FE4-97BE-21B254BA229F\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5DF55ABB-1B4F-452E-9D84-C01A638F88A0\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B0AA5976-FD71-4A53-BD4F-D342E871FEB0\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:developer_kit:*:*:*:*:*\", \"matchCriteriaId\": \"3E54B955-F0E2-44BD-9B8C-3C788BBCF2A9\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:production:*:*:*:*:*\", \"matchCriteriaId\": \"3E0C93C3-26F6-48E4-BADA-4DB05A7BA9D1\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:nvidia:jetson_xavier_nx_16gb:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A36028A3-EE83-4158-9039-5C6C795FA048\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"NVIDIA Jetson Linux contains a vulnerability in NvGPU where error handling paths in GPU MMU mapping code fail to clean up a failed mapping attempt. A successful exploit of this vulnerability may lead to denial of service, code execution, and escalation of privileges.\"}, {\"lang\": \"es\", \"value\": \"NVIDIA Jetson Linux contiene una vulnerabilidad en NvGPU donde las rutas de manejo de errores en el c\\u00f3digo de mapeo de GPU MMU no logran limpiar un intento fallido de mapeo. Una explotaci\\u00f3n exitosa de esta vulnerabilidad puede provocar denegaci\\u00f3n de servicio, ejecuci\\u00f3n de c\\u00f3digo y escalada de privilegios.\"}]",
"id": "CVE-2024-0108",
"lastModified": "2024-09-16T19:27:19.833",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"psirt@nvidia.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L\", \"baseScore\": 8.7, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"LOW\"}, \"exploitabilityScore\": 2.0, \"impactScore\": 6.0}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.0, \"impactScore\": 6.0}]}",
"published": "2024-08-08T17:15:18.473",
"references": "[{\"url\": \"https://nvidia.custhelp.com/app/answers/detail/a_id/5555\", \"source\": \"psirt@nvidia.com\", \"tags\": [\"Vendor Advisory\"]}]",
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Analyzed",
"weaknesses": "[{\"source\": \"psirt@nvidia.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-755\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-755\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-0108\",\"sourceIdentifier\":\"psirt@nvidia.com\",\"published\":\"2024-08-08T17:15:18.473\",\"lastModified\":\"2024-09-16T19:27:19.833\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"NVIDIA Jetson Linux contains a vulnerability in NvGPU where error handling paths in GPU MMU mapping code fail to clean up a failed mapping attempt. A successful exploit of this vulnerability may lead to denial of service, code execution, and escalation of privileges.\"},{\"lang\":\"es\",\"value\":\"NVIDIA Jetson Linux contiene una vulnerabilidad en NvGPU donde las rutas de manejo de errores en el c\u00f3digo de mapeo de GPU MMU no logran limpiar un intento fallido de mapeo. Una explotaci\u00f3n exitosa de esta vulnerabilidad puede provocar denegaci\u00f3n de servicio, ejecuci\u00f3n de c\u00f3digo y escalada de privilegios.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@nvidia.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L\",\"baseScore\":8.7,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.0,\"impactScore\":6.0},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.0,\"impactScore\":6.0}]},\"weaknesses\":[{\"source\":\"psirt@nvidia.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-755\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-755\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"32.7.5\",\"matchCriteriaId\":\"C62FF93F-21E6-41E4-A82C-07AC7DC7951E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:jetson_agx_xavier:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DD3D2AA-2A9F-470D-BB0F-A7B7C2EC2490\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0E081CB-B6EC-42DC-BA04-BCA13C17D190\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F92D471-8E65-41FC-A5DE-255136F6F989\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:jetson_agx_xavier_64gb:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B51F666B-F3ED-4CF3-B48E-B39BDE1C2579\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E29459F7-997A-4B87-9164-6E3B5158ADC3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:jetson_agx_xavier_industrial:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C7C6B22-EBD3-4465-9852-4A4844AA714A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:jetson_nano:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B2B041F-21A8-4F0B-BBAF-7CDD8B911547\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:jetson_nano:-:*:-:*:*:*:*:*\",\"matchCriteriaId\":\"9244F123-8518-4D81-AD26-5695F27F413B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:jetson_nano:-:*:developer_kit:*:*:*:*:*\",\"matchCriteriaId\":\"80BF53A0-8FDF-4827-9C00-ED082C4A68C7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:jetson_nano_2gb:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"52E153CA-BE89-4C66-8B72-8901BF592423\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"86D1FDAD-C594-43D9-9BF6-F7461177AB91\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:jetson_tx1_l4t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F08A43AD-CA33-4EA7-9456-C7BDE622FD05\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE9D4A55-A232-4AF2-B7E9-CD58D7D17479\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"71994F94-5279-4107-99F5-48990AE0C686\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"64C3FB58-08AA-4FE4-97BE-21B254BA229F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DF55ABB-1B4F-452E-9D84-C01A638F88A0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0AA5976-FD71-4A53-BD4F-D342E871FEB0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:developer_kit:*:*:*:*:*\",\"matchCriteriaId\":\"3E54B955-F0E2-44BD-9B8C-3C788BBCF2A9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:production:*:*:*:*:*\",\"matchCriteriaId\":\"3E0C93C3-26F6-48E4-BADA-4DB05A7BA9D1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nvidia:jetson_xavier_nx_16gb:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A36028A3-EE83-4158-9039-5C6C795FA048\"}]}]}],\"references\":[{\"url\":\"https://nvidia.custhelp.com/app/answers/detail/a_id/5555\",\"source\":\"psirt@nvidia.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-0108\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-08-09T15:37:53.668854Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:nvidia:jetson_agx_xavier:*:*:*:*:*:*:*:*\"], \"vendor\": \"nvidia\", \"product\": \"jetson_agx_xavier\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"32.7.4\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*\"], \"vendor\": \"nvidia\", \"product\": \"jetson_xavier_nx\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"32.7.4\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*\"], \"vendor\": \"nvidia\", \"product\": \"jetson_tx2\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"32.7.4\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*\"], \"vendor\": \"nvidia\", \"product\": \"jetson_tx2_nx\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"32.7.4\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*\"], \"vendor\": \"nvidia\", \"product\": \"jetson_tx1\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"32.7.4\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:h:nvidia:jetson_nano:-:*:*:*:*:*:*:*\"], \"vendor\": \"nvidia\", \"product\": \"jetson_nano\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"32.7.4\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-08-09T15:42:03.427Z\"}}], \"cna\": {\"source\": {\"discovery\": \"UNKNOWN\"}, \"impacts\": [{\"descriptions\": [{\"lang\": \"en\", \"value\": \"Denial of service, code execution, escalation of privileges\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 8.7, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"NVIDIA\", \"product\": \"NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson TX1, Jetson Nano series\", \"versions\": [{\"status\": \"affected\", \"version\": \"All versions prior to and including 32.7.4\"}], \"platforms\": [\"Jetson Linux\"], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://nvidia.custhelp.com/app/answers/detail/a_id/5555\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"NVIDIA Jetson Linux contains a vulnerability in NvGPU where error handling paths in GPU MMU mapping code fail to clean up a failed mapping attempt. A successful exploit of this vulnerability may lead to denial of service, code execution, and escalation of privileges.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003eNVIDIA Jetson Linux contains a vulnerability in NvGPU where error handling paths in GPU MMU mapping code fail to clean up a failed mapping attempt. A successful exploit of this vulnerability may lead to denial of service, code execution, and escalation of privileges.\u003c/span\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-755\", \"description\": \"CWE-755 Improper Handling of Exceptional Conditions\"}]}], \"providerMetadata\": {\"orgId\": \"9576f279-3576-44b5-a4af-b9a8644b2de6\", \"shortName\": \"nvidia\", \"dateUpdated\": \"2024-08-08T16:18:27.914Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-0108\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-09T15:48:50.071Z\", \"dateReserved\": \"2023-12-02T00:42:18.437Z\", \"assignerOrgId\": \"9576f279-3576-44b5-a4af-b9a8644b2de6\", \"datePublished\": \"2024-08-08T16:18:27.914Z\", \"assignerShortName\": \"nvidia\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…