Lucene search

PRIOn knowledge basePRION:CVE-2023-25518

HistoryJun 23, 2023 - 6:15 p.m.

Design/Logic Flaw

2023-06-2318:15:00

PRIOn knowledge base

www.prio-n.com

nvidia

jetson

cboot

vulnerability

pcie controller

iommu

code execution

denial of service

information disclosure

integrity

6.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

23.2%

JSON

NVIDIA Jetson contains a vulnerability in CBoot, where the PCIe controller is initialized without IOMMU, which may allow an attacker with physical access to the target device to read and write to arbitrary memory. A successful exploit of this vulnerability may lead to code execution, denial of service, information disclosure, and loss of integrity.

CPENameOperatorVersion
jetson_linuxlt32.7.4

CPE	Name	Operator	Version
	jetson_linux	lt	32.7.4

References

nvidia.custhelp.com/app/answers/detail/a_id/5466