R24.2.2

CVSS 7.1 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

nvidia

NVD

Published: 2021-01-26

Updated: 2021-02-04

Summary

NVIDIA Jetson AGX Xavier Series, Jetson Xavier NX, TX1, TX2, Nano and Nano 2GB, L4T versions prior to 32.5, contains a vulnerability in the apply_binaries.sh script used to install NVIDIA components into the root file system image, in which improper access control is applied, which may lead to an unprivileged user being able to modify system device tree files, leading to denial of service.

Vulnerable Configurations

Part	Description	Count
OS	Nvidia Nvidia Linux FOR Tegra - Nvidia Linux FOR Tegra R21.6 Nvidia Linux FOR Tegra R24.2.2	3
Hardware	Nvidia Nvidia Jetson AGX Xavier - Nvidia Jetson Nano - Nvidia Jetson Nano 2GB - Nvidia Jetson TX1 - Nvidia Jetson TX2 - Nvidia Jetson Xavier NX -	6

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5147