CVE-2026-24148

CWE-11883 documents3 sources
Severity
9.4CRITICAL
EPSS
0.0%
top 88.29%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Nvidia Jetson LinuxNvidia Jetson Xavier Series AND Jetson Orin Series
Timeline
PublishedMar 31

Description

NVIDIA Jetson for JetPack contains a vulnerability in the system initialization logic, where an unprivileged attacker could cause the initialization of a resource with an insecure default. A successful exploit of this vulnerability might lead to information disclosure of encrypted data, data tampering, and partial denial of service across devices sharing the same machine ID.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:LExploitability: 2.8 | Impact: 5.5

Affected Packages2 packages

NVDnvidia/jetson_linux36.036.5+1
CVEListV5nvidia/jetson_xavier_series_and_jetson_orin_seriesAll versions prior to 35.6.4, All versions prior to 36.5+1

🔴Vulnerability Details

2
GHSA
GHSA-76h5-vm7x-9f4c: NVIDIA Jetson for JetPack contains a vulnerability in the system initialization logic, where an unprivileged attacker could cause the initialization o2026-03-31
CVEList
CVE-2026-24148: NVIDIA Jetson for JetPack contains a vulnerability in the system initialization logic, where an unprivileged attacker could cause the initialization o2026-03-31
CVE-2026-24148 (CRITICAL CVSS 9.4) | NVIDIA Jetson for JetPack contains | cvebase.io