CVE-2024-0112

Summary

NVIDIA Jetson AGX Orin™ and NVIDIA IGX Orin software contain a vulnerability where an attacker can cause an improper input validation issue by escalating certain permissions to a limited degree. A successful exploit of this vulnerability might lead to code execution, denial of service, data corruption, information disclosure, or escalation of privilege.

Affected Software

VendorProductVersion RangeStatus
NVIDIAJetson AGX Orin series (including Jetson Orin NX series, Jetson Orin Nano series)All versions prior to 36.4affected
NVIDIAJetson AGX Orin series (including Jetson Orin NX series, Jetson Orin Nano series)All versions prior to 35.6affected
NVIDIAIGX OrinAll versions prior to IGX 1.1affected

Weaknesses

  • CWE-20: CWE-20 Improper Input Validation

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References