CVE-2022-42270 HIGH

CVE-2022-42270

Vendor Nvidia
Product NVIDIA Jetson AGX Xavier Series, Jetson Xavier NX, Jetson AGX Orin Series
Weakness CWE-121
Published December 30, 2022
Last update April 10, 2025

CVSS base score

7.8/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

NVIDIA distributions of Linux contain a vulnerability in nvdla_emu_task_submit, where unvalidated input may allow a local attacker to cause stack-based buffer overflow in kernel code, which may lead to escalation of privileges, compromised integrity and confidentiality, and denial of service.

Key dates

02Disclosure timeline

December 30, 2022 CVE published
April 10, 2025 Record updated