Security Bulletin: NVIDIA Jetson TX1 and Jetson Nano L4T - July 2019

NVIDIA has released software security updates for NVIDIA® Jetson™ TX1 and Jetson™ Nano in the NVIDIA® Tegra® Linux Driver Package (L4T). The update addresses issues that may lead to code execution, denial of service, or escalation of privileges. To protect your system, download available updates from NVIDIA DevZone. Go to NVIDIA Product Security.

Details

This section summarizes the potential impact that this security update addresses. Descriptions use CWE™, and base scores and vectors use CVSS V3 standards.

The NVIDIA risk assessment is based on an average of risk across a diverse set of installed systems and may not represent the true risk of your local installation. NVIDIA recommends consulting a security or IT professional to evaluate the risk to your specific configuration.

Security Updates

The following table lists the NVIDIA software products affected, versions affected, and the updated versions that include this security update.

Download the updates from NVIDIA DevZone.

Notes:

• *R32.2 is the first release version supporting Jetson TX1 in the R32 branch.
• The table above may not be a comprehensive list of all affected supported versions or branch releases and may be updated as more information becomes available.

Mitigations

None. See Security Updates for the versions to install.

Acknowledgements

CVE-2019-5680: NVIDIA thanks Balázs Triszka for reporting this issue.