CVE-2022-21819 HIGH

CVE-2022-21819

Vendor Nvidia
Product Jetson Nano, Jetson Nano 2GB
Weakness CWE-732
Published March 11, 2022
Last update August 3, 2024

CVSS base score

7.6/10
Attack vector Physical
Attack complexity Low
Privileges required None
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

What the vulnerability does

01Description

NVIDIA distributions of Jetson Linux contain a vulnerability where an error in the IOMMU configuration may allow an unprivileged attacker with physical access to the board direct read/write access to the entire system address space through the PCI bus. Such an attack could result in denial of service, code execution, escalation of privileges, and impact to data integrity and confidentiality. The scope impact may extend to other components.

Key dates

02Disclosure timeline

March 11, 2022 CVE published
August 3, 2024 Record updated