Vulnerabilities > CVE-2022-42270 - Out-of-bounds Write vulnerability in Nvidia Jetson Linux

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

nvidia

CWE-787

NVD

Published: 2022-12-30

Updated: 2023-11-07

Summary

NVIDIA distributions of Linux contain a vulnerability in nvdla_emu_task_submit, where unvalidated input may allow a local attacker to cause stack-based buffer overflow in kernel code, which may lead to escalation of privileges, compromised integrity and confidentiality, and denial of service.

Vulnerable Configurations

Part	Description	Count
OS	Nvidia Nvidia Jetson Linux - Nvidia Jetson Linux 16.5 Nvidia Jetson Linux 19.3 Nvidia Jetson Linux 21.1 Nvidia Jetson Linux 21.2 Nvidia Jetson Linux 21.3 Nvidia Jetson Linux 21.4 Nvidia Jetson Linux 21.5 Nvidia Jetson Linux 21.6 Nvidia Jetson Linux 21.7 Nvidia Jetson Linux 21.8 Nvidia Jetson Linux 23.1 Nvidia Jetson Linux 23.2 Nvidia Jetson Linux 24.1 Nvidia Jetson Linux 24.2 Nvidia Jetson Linux 24.2.1 Nvidia Jetson Linux 24.2.2 Nvidia Jetson Linux 24.2.3 Nvidia Jetson Linux 27.1 Nvidia Jetson Linux 28.1 Nvidia Jetson Linux 28.2 Nvidia Jetson Linux 28.2.1 Nvidia Jetson Linux 28.3 Nvidia Jetson Linux 28.3.1 Nvidia Jetson Linux 28.3.2 Nvidia Jetson Linux 28.4 Nvidia Jetson Linux 28.5 Nvidia Jetson Linux 31.1 Nvidia Jetson Linux 32.1 Nvidia Jetson Linux 32.2 Nvidia Jetson Linux 32.2.1 Nvidia Jetson Linux 32.2.3 Nvidia Jetson Linux 32.3.1 Nvidia Jetson Linux 32.4.2 Nvidia Jetson Linux 32.4.3 Nvidia Jetson Linux 32.4.4 Nvidia Jetson Linux 32.5 Nvidia Jetson Linux 32.5.1 Nvidia Jetson Linux 32.5.2 Nvidia Jetson Linux 32.6.1 Nvidia Jetson Linux 32.7.1	41
Hardware	Nvidia Nvidia Jetson AGX Xavier - Nvidia Jetson AGX Xavier 16Gb - Nvidia Jetson AGX Xavier 32Gb - Nvidia Jetson AGX Xavier 64Gb - Nvidia Jetson AGX Xavier 8GB - Nvidia Jetson AGX Xavier Industrial - Nvidia Jetson Xavier NX - Nvidia Jetson Xavier NX 16Gb -	8

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5417