CVE-2026-24153

Summary

NVIDIA Jetson Linux has a vulnerability in initrd, where the nvluks trusted application is not disabled. A successful exploit of this vulnerability might lead to information disclosure.

Affected Software

VendorProductVersion RangeStatus
NVIDIAJetson Xavier Series, Jetson Orin Series and Jetson ThorAll versions prior to 35.6.4affected
NVIDIAJetson Xavier Series, Jetson Orin Series and Jetson ThorAll versions prior to 36.5affected
NVIDIAJetson Xavier Series, Jetson Orin Series and Jetson Thor38.2affected

Weaknesses

  • CWE-501: CWE-501 Trust Boundary Violation

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References