Nvidia Jetson Tx2 vulnerabilities

CVE-2018-6269 [HIGH] CWE-732 CVE-2018-6269: NVIDIA Jetson TX2 contains a vulnerability in the kernel driver where input/output control (IOCTL) h NVIDIA Jetson TX2 contains a vulnerability in the kernel driver where input/output control (IOCTL) handling for user mode requests could create a non-trusted pointer dereference, which may lead to information disclosure, denial of service, escalation of privileges, or code execution. The updates apply to all versions prior to R28.3.

CVE-2018-6239 [MEDIUM] CWE-200 CVE-2018-6239: NVIDIA Jetson TX2 contains a vulnerability by means of speculative execution where local and unprivi NVIDIA Jetson TX2 contains a vulnerability by means of speculative execution where local and unprivileged code may access the contents of cached information in an unauthorized manner, which may lead to information disclosure. The updates apply to all versions prior to R28.3.

CVE-2019-5672 [CRITICAL] CWE-320 CVE-2019-5672: NVIDIA Jetson TX1 and TX2 contain a vulnerability in the Linux for Tegra (L4T) operating system (on NVIDIA Jetson TX1 and TX2 contain a vulnerability in the Linux for Tegra (L4T) operating system (on all versions prior to R28.3) where the Secure Shell (SSH) keys provided in the sample rootfs are not replaced by unique host keys after sample rootsfs generation and flashing, which may lead to information disclosure.

CVE-2019-5673 [MEDIUM] CWE-754 CVE-2019-5673: NVIDIA Jetson TX2 contains a vulnerability in the kernel driver (on all versions prior to R28.3) whe NVIDIA Jetson TX2 contains a vulnerability in the kernel driver (on all versions prior to R28.3) where the ARM System Memory Management Unit (SMMU) improperly checks for a fault condition, causing transactions to be discarded, which may lead to denial of service.

CVE-2018-3639 [MEDIUM] CWE-203 CVE-2018-3639: Systems with microprocessors utilizing speculative execution and speculative execution of memory rea Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.