CVE-2026-24154

CWE-78 — OS Command Injection3 documents3 sources

Severity

6.8MEDIUM

EPSS

0.0%

top 90.73%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Nvidia Jetson Linux

Timeline

PublishedMar 31

Description

NVIDIA Jetson Linux has vulnerability in initrd, where an unprivileged attacker with physical access coul inject incorrect command line arguments. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, denial of service, data tampering, and information disclosure.

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:HExploitability: 0.9 | Impact: 6.0

Affected Packages1 packages

▶NVDnvidia/jetson_linux36.0 — 36.5+2

🔴Vulnerability Details

CVEList

CVE-2026-24154: NVIDIA Jetson Linux has vulnerability in initrd, where an unprivileged attacker with physical access coul inject incorrect command line arguments↗2026-03-31

▶

GHSA

GHSA-c9hq-mrwx-5whp: NVIDIA Jetson Linux has vulnerability in initrd, where an unprivileged attacker with physical access coul inject incorrect command line arguments↗2026-03-31

▶