8.8

CVE-2024-0108

NVIDIA Jetson Linux contains a vulnerability in NvGPU where error handling paths in GPU MMU mapping code fail to clean up a failed mapping attempt. A successful exploit of this vulnerability may lead to denial of service, code execution, and escalation of privileges.

Data is provided by the National Vulnerability Database (NVD)
NvidiaJetson Linux Version < 32.7.5
   NvidiaJetson Agx Xavier Version-
   NvidiaJetson Agx Xavier 16gb Version-
   NvidiaJetson Agx Xavier 32gb Version-
   NvidiaJetson Agx Xavier 64gb Version-
   NvidiaJetson Agx Xavier 8gb Version-
   NvidiaJetson Agx Xavier Industrial Version-
   NvidiaJetson Nano Version-
   NvidiaJetson Nano Version- Edition-
   NvidiaJetson Nano Version- Editiondeveloper_kit
   NvidiaJetson Nano 2gb Version-
   NvidiaJetson Tx1 Version-
   NvidiaJetson Tx1 L4t Version-
   NvidiaJetson Tx2 Version-
   NvidiaJetson Tx2 4gb Version-
   NvidiaJetson Tx2 Nx Version-
   NvidiaJetson Tx2i Version-
   NvidiaJetson Xavier Nx Version-
   NvidiaJetson Xavier Nx Version- Editiondeveloper_kit
   NvidiaJetson Xavier Nx Version- Editionproduction
   NvidiaJetson Xavier Nx 16gb Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.09% 0.262
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 8.8 2 6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
psirt@nvidia.com 8.7 2 6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L
CWE-755 Improper Handling of Exceptional Conditions

The product does not handle or incorrectly handles an exceptional condition.