CVE-2025-23269

Summary

NVIDIA Jetson Linux contains a vulnerability in the kernel where an attacker may cause an exposure of sensitive information due to a shared microarchitectural predictor state that influences transient execution. A successful exploit of this vulnerability may lead to information disclosure.

Affected Software

VendorProductVersion RangeStatus
NVIDIAJetson Orin and Xavier DevicesNVIDIA Jetson Orin Series All versions prior to JP5.x: 35.6.2affected
NVIDIAJetson Orin and Xavier DevicesNVIDIA Jetson Orin Series All versions prior to JP6.x: 36.4.4affected
NVIDIAJetson Orin and Xavier DevicesNVIDIA Xavier Series All versions prior to JP5.x: 35.6.2affected

Weaknesses

  • CWE-1423: CWE-1423: Exposure of Sensitive Information caused by Shared Microarchitectural Predictor State that Influences Transient Execution

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References