CVE-2018-6269
HIGHNvidia Jetson Tx2 < r28.3 - Incorrect Permission Assignment
Title source: ruleDescription
NVIDIA Jetson TX2 contains a vulnerability in the kernel driver where input/output control (IOCTL) handling for user mode requests could create a non-trusted pointer dereference, which may lead to information disclosure, denial of service, escalation of privileges, or code execution. The updates apply to all versions prior to R28.3.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_confirm
https://nvidia.custhelp.com/app/answers/detail/a_id/4787
Vendor Advisory x_refsource_confirm
https://nvidia.custhelp.com/app/answers/detail/a_id/4804
Scores
CVSS v3
7.8
EPSS
0.0005
EPSS Percentile
15.9%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-732
Status
published
Products (1)
nvidia/jetson_tx2
< r28.3
Published
Apr 12, 2019
Tracked Since
Feb 18, 2026