CVE-2022-21819
moderate-risk
Published 2022-03-11
NVIDIA distributions of Jetson Linux contain a vulnerability where an error in the IOMMU configuration may allow an unprivileged attacker with physical access to the board direct read/write access to the entire system address space through the PCI bus. Such an attack could result in denial of service, code execution, escalation of privileges, and impact to data integrity and confidentiality. The scope impact may extend to other components.
Do I need to act?
-
0.14% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.6/10
High
PHYSICAL
/ LOW complexity
Affected Products (1)
Affected Vendors
References (4)
Vendor Advisory
https://nvidia.custhelp.com/app/answers/detail/a_id/5321
Vendor Advisory
https://nvidia.custhelp.com/app/answers/detail/a_id/5321
30
/ 100
moderate-risk
Severity
24/34 · High
Exploitability
1/34 · Minimal
Exposure
5/34 · Minimal