CVE-2022-28197
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot ext4_mount function, where Insufficient validation of untrusted data may allow a highly privileged local attacker to cause an integer overflow. This difficult-to-exploit vulnerability may lead to code execution, escalation of privileges, limited denial of service, and some impact to confidentiality and integrity. The scope of impact can extend to other components.
El paquete de controladores de NVIDIA Jetson para Linux contiene una vulnerabilidad en la función Cboot ext4_mount, en la que una validación insuficiente de los datos no fiables puede permitir a un atacante local con muchos privilegios provocar un desbordamiento de enteros. Esta vulnerabilidad difícil de explotar puede llevar a la ejecución de código, escalada de privilegios, denegación de servicio limitada y algún impacto en la confidencialidad e integridad. El alcance del impacto puede extenderse a otros componentes
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-03-30 CVE Reserved
- 2022-04-27 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-190: Integer Overflow or Wraparound
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5343 | 2022-10-14 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Nvidia Search vendor "Nvidia" | Jetson Linux Search vendor "Nvidia" for product "Jetson Linux" | < 32.7.2 Search vendor "Nvidia" for product "Jetson Linux" and version " < 32.7.2" | - |
Affected
| in | Nvidia Search vendor "Nvidia" | Jetson Agx Xavier Search vendor "Nvidia" for product "Jetson Agx Xavier" | - | - |
Safe
|
| Nvidia Search vendor "Nvidia" | Jetson Linux Search vendor "Nvidia" for product "Jetson Linux" | < 32.7.2 Search vendor "Nvidia" for product "Jetson Linux" and version " < 32.7.2" | - |
Affected
| in | Nvidia Search vendor "Nvidia" | Jetson Xavier Nx Search vendor "Nvidia" for product "Jetson Xavier Nx" | - | - |
Safe
|