CVE-2022-42269Improper Input Validation in Nvidia Jetson Linux

CWE-20Improper Input Validation3 documents3 sources
Severity
7.9HIGHNVD
EPSS
0.1%
top 81.83%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Nvidia Jetson Linux
Timeline
PublishedDec 30
Latest updateDec 31

Description

NVIDIA Trusted OS contains a vulnerability in an SMC call handler, where failure to validate untrusted input may allow a highly privileged local attacker to cause information disclosure and compromise integrity. The scope of the impact can extend to other components.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:NExploitability: 1.5 | Impact: 5.8

Affected Packages1 packages

NVDnvidia/jetson_linux< 32.7.2

🔴Vulnerability Details

2
GHSA
GHSA-qj7h-m22c-qjq4: NVIDIA Trusted OS contains a vulnerability in an SMC call handler, where failure to validate untrusted input may allow a highly privileged local attac2022-12-31
CVEList
CVE-2022-42269: NVIDIA Trusted OS contains a vulnerability in an SMC call handler, where failure to validate untrusted input may allow a highly privileged local attac2022-12-30
CVE-2022-42269 — Improper Input Validation in Nvidia | cvebase