{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T02:24:34.154","vulnerabilities":[{"cve":{"id":"CVE-2022-28195","sourceIdentifier":"psirt@nvidia.com","published":"2022-04-27T18:15:08.037","lastModified":"2024-11-21T06:56:55.783","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot ext4_read_file function, where insufficient validation of untrusted data may allow a highly privileged local attacker to cause a integer overflow, which may lead to code execution, escalation of privileges, limited denial of service, and some impact to confidentiality and integrity. The scope of impact can extend to other components."},{"lang":"es","value":"El paquete de controladores de NVIDIA Jetson para Linux contiene una vulnerabilidad en la función Cboot ext4_read_file, en la que una validación insuficiente de los datos que no son de confianza puede permitir a un atacante local con muchos privilegios provocar un desbordamiento de enteros, lo que puede dar lugar a la ejecución de código, una escalada de privilegios, una denegación de servicio limitada y cierto impacto en la confidencialidad y la integridad. El alcance del impacto puede extenderse a otros componentes"}],"metrics":{"cvssMetricV31":[{"source":"psirt@nvidia.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L","baseScore":5.7,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":1.5,"impactScore":3.7},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L","baseScore":5.7,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":1.5,"impactScore":3.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","baseScore":4.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"psirt@nvidia.com","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-190"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*","versionEndExcluding":"32.7.2","matchCriteriaId":"5C65BE02-61B8-4A4D-84A8-52BCA6895C34"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:nvidia:jetson_agx_xavier:-:*:*:*:*:*:*:*","matchCriteriaId":"5DD3D2AA-2A9F-470D-BB0F-A7B7C2EC2490"},{"vulnerable":false,"criteria":"cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*","matchCriteriaId":"B0AA5976-FD71-4A53-BD4F-D342E871FEB0"}]}]}],"references":[{"url":"https://nvidia.custhelp.com/app/answers/detail/a_id/5343","source":"psirt@nvidia.com","tags":["Vendor Advisory"]},{"url":"https://nvidia.custhelp.com/app/answers/detail/a_id/5343","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}