CVE-2022-28194

CWE-119Buffer Overflow3 documents3 sources
Severity
5.6MEDIUM
EPSS
0.1%
top 75.84%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Nvidia Jetson Linux
Timeline
PublishedApr 27
Latest updateApr 28

Description

NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot module tegrabl_cbo.c, where, if TFTP is enabled, a local attacker with elevated privileges can cause a memory buffer overflow, which may lead to code execution, loss of Integrity, limited denial of service, and some impact to confidentiality.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:LExploitability: 2.5 | Impact: 4.7

Affected Packages1 packages

NVDnvidia/jetson_linux< 32.7.2

🔴Vulnerability Details

2
GHSA
GHSA-ffgj-53w4-8794: NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot module tegrabl_cbo2022-04-28
CVEList
CVE-2022-28194: NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot module tegrabl_cbo2022-04-27
CVE-2022-28194 (MEDIUM CVSS 5.6) | NVIDIA Jetson Linux Driver Package | cvebase.io