Описание
NVIDIA distributions of Linux contain a vulnerability in nvdla_emu_task_submit, where unvalidated input may allow a local attacker to cause stack-based buffer overflow in kernel code, which may lead to escalation of privileges, compromised integrity and confidentiality, and denial of service.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 32.7.2 (исключая)
Одновременно
cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*
Одно из
cpe:2.3:h:nvidia:jetson_agx_xavier:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_agx_xavier_64gb:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_agx_xavier_industrial:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_xavier_nx_16gb:-:*:*:*:*:*:*:*
EPSS
Процентиль: 20%
0.00062
Низкий
7.8 High
CVSS3
Дефекты
CWE-121
CWE-787
Связанные уязвимости
CVSS3: 7.8
github
больше 2 лет назад
NVIDIA distributions of Linux contain a vulnerability in nvdla_emu_task_submit, where unvalidated input may allow a local attacker to cause stack-based buffer overflow in kernel code, which may lead to escalation of privileges, compromised integrity and confidentiality, and denial of service.
EPSS
Процентиль: 20%
0.00062
Низкий
7.8 High
CVSS3
Дефекты
CWE-121
CWE-787