{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-15T15:10:39.583","vulnerabilities":[{"cve":{"id":"CVE-2022-28196","sourceIdentifier":"psirt@nvidia.com","published":"2022-04-27T18:15:08.097","lastModified":"2024-11-21T06:56:55.917","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot blob_decompress function, where insufficient validation of untrusted data may allow a local attacker with elevated privileges to cause a memory buffer overflow, which may lead to code execution, limited loss of Integrity, and limited denial of service. The scope of impact can extend to other components."},{"lang":"es","value":"El paquete de controladores de NVIDIA Jetson para Linux contiene una vulnerabilidad en la función Cboot blob_decompress, en la que una validación insuficiente de los datos que no son de confianza puede permitir a un atacante local con privilegios elevados provocar un desbordamiento del búfer de memoria, lo que puede conducir a la ejecución de código, una pérdida limitada de integridad y una denegación de servicio limitada. El alcance del impacto puede extenderse a otros componentes"}],"metrics":{"cvssMetricV31":[{"source":"psirt@nvidia.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L","baseScore":4.6,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":1.5,"impactScore":2.7},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L","baseScore":4.6,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":1.5,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:N/I:P/A:P","baseScore":3.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"LOW","exploitabilityScore":3.9,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"psirt@nvidia.com","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*","versionEndExcluding":"32.7.2","matchCriteriaId":"5C65BE02-61B8-4A4D-84A8-52BCA6895C34"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:nvidia:jetson_agx_xavier:-:*:*:*:*:*:*:*","matchCriteriaId":"5DD3D2AA-2A9F-470D-BB0F-A7B7C2EC2490"},{"vulnerable":false,"criteria":"cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*","matchCriteriaId":"DE9D4A55-A232-4AF2-B7E9-CD58D7D17479"},{"vulnerable":false,"criteria":"cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*","matchCriteriaId":"64C3FB58-08AA-4FE4-97BE-21B254BA229F"},{"vulnerable":false,"criteria":"cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*","matchCriteriaId":"B0AA5976-FD71-4A53-BD4F-D342E871FEB0"}]}]}],"references":[{"url":"https://nvidia.custhelp.com/app/answers/detail/a_id/5343","source":"psirt@nvidia.com","tags":["Vendor Advisory"]},{"url":"https://nvidia.custhelp.com/app/answers/detail/a_id/5343","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}