CVE-2022-28193

CWE-20Improper Input ValidationCWE-787Out-of-bounds Write3 documents3 sources
Severity
5.6MEDIUM
EPSS
0.2%
top 58.55%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Nvidia Jetson Linux
Timeline
PublishedApr 27
Latest updateApr 28

Description

NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot module tegrabl_cbo.c, where insufficient validation of untrusted data may allow a local attacker with elevated privileges to cause a memory buffer overflow, which may lead to code execution, loss of integrity, limited denial of service, and some impact to confidentiality.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:LExploitability: 0.8 | Impact: 4.7

Affected Packages1 packages

NVDnvidia/jetson_linux< 32.7.2

🔴Vulnerability Details

2
GHSA
GHSA-7h4p-w928-hf53: NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot module tegrabl_cbo2022-04-28
CVEList
CVE-2022-28193: NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot module tegrabl_cbo2022-04-27
CVE-2022-28193 (MEDIUM CVSS 5.6) | NVIDIA Jetson Linux Driver Package | cvebase.io