Every CVE whose affected-product data names Nvidia Jetson Linux, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (49)
CVE-2024-0108 — CVSS 8.7 (high): NVIDIA Jetson Linux contains a vulnerability in NvGPU where error handling paths in GPU MMU mapping code fail to clean up a failed mapping…
CVE-2026-24148 — CVSS 8.3 (high): NVIDIA Jetson for JetPack contains a vulnerability in the system initialization logic, where an unprivileged attacker could cause the…
CVE-2021-34372 — CVSS 8.2 (high): Trusty (the trusted OS produced by NVIDIA for Jetson devices) driver contains a vulnerability in the NVIDIA OTE protocol message parsing…
CVE-2022-42269 — CVSS 7.9 (high): NVIDIA Trusted OS contains a vulnerability in an SMC call handler, where failure to validate untrusted input may allow a highly privileged…
CVE-2021-34373 — CVSS 7.9 (high): Trusty trusted Linux kernel (TLK) contains a vulnerability in the NVIDIA TLK kernel where a lack of heap hardening could cause heap…
CVE-2021-1107 — CVSS 7.8 (high): NVIDIA Linux kernel distributions contain a vulnerability in nvmap NVMAP_IOC_WRITE* paths, where improper access controls may lead to code…
CVE-2022-42270 — CVSS 7.8 (high): NVIDIA distributions of Linux contain a vulnerability in nvdla_emu_task_submit, where unvalidated input may allow a local attacker to cause…
CVE-2021-1106 — CVSS 7.8 (high): NVIDIA Linux kernel distributions contain a vulnerability in nvmap, where writes may be allowed to read-only buffers, which may result in…
CVE-2021-34376 — CVSS 7.7 (high): Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 5 is missing. Improper restriction of operations…
CVE-2021-34379 — CVSS 7.7 (high): Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 10 is missing. The length of an I/O buffer…
CVE-2021-34378 — CVSS 7.7 (high): Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 11 is missing. Improper restriction of operations…
CVE-2021-34374 — CVSS 7.7 (high): Trusty contains a vulnerability in command handlers where the length of input buffers is not verified. This vulnerability can cause memory…
CVE-2021-34375 — CVSS 7.7 (high): Trusty contains a vulnerability in all trusted applications (TAs) where the stack cookie was not randomized, which might result in…
CVE-2021-34377 — CVSS 7.7 (high): Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 9 is missing. Improper restriction of operations…
CVE-2026-24154 — CVSS 7.6 (high): NVIDIA Jetson Linux has vulnerability in initrd, where an unprivileged attacker with physical access coul inject incorrect command line…
CVE-2022-21819 — CVSS 7.6 (high): NVIDIA distributions of Jetson Linux contain a vulnerability where an error in the IOMMU configuration may allow an unprivileged attacker…
CVE-2022-28194 — CVSS 7.3 (high): NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot module tegrabl_cbo.c, where, if TFTP is enabled, a local attacker…
CVE-2021-1108 — CVSS 7.3 (high): NVIDIA Linux kernel distributions contain a vulnerability in FuSa Capture (VI/ISP), where integer underflow due to lack of input validation…
CVE-2021-1109 — CVSS 7.2 (high): NVIDIA camera firmware contains a multistep, timing-related vulnerability where an unauthorized modification by camera resources may result…
CVE-2023-25518 — CVSS 7.1 (high): NVIDIA Jetson contains a vulnerability in CBoot, where the PCIe controller is initialized without IOMMU, which may allow an attacker with…
CVE-2021-1110 — CVSS 7.1 (high): NVIDIA Linux kernel distributions on Jetson Xavier contain a vulnerability in camera firmware where a user can change input data after…
CVE-2021-34380 — CVSS 7.0 (high): Bootloader contains a vulnerability in NVIDIA MB2 where potential heap overflow might cause corruption of the heap metadata, which might…
CVE-2021-1111 — CVSS 6.7 (medium): Bootloader contains a vulnerability in the NV3P server where any user with physical access through USB can trigger an incorrect bounds…
CVE-2021-34381 — CVSS 6.7 (medium): Trusty TLK contains a vulnerability in the NVIDIA TLK kernel function where a lack of checks allows the exploitation of an integer overflow…
CVE-2021-34382 — CVSS 6.7 (medium): Trusty TLK contains a vulnerability in the NVIDIA TLK kernel’s tz_map_shared_mem function where an integer overflow on the size parameter…
CVE-2021-34383 — CVSS 6.4 (medium): Bootloader contains a vulnerability in NVIDIA MB2 where a potential heap overflow might lead to denial of service or escalation of…
CVE-2021-34384 — CVSS 6.3 (medium): Bootloader contains a vulnerability in NVIDIA MB2 where a potential heap overflow could cause memory corruption, which might lead to denial…
CVE-2021-34388 — CVSS 6.3 (medium): Bootloader contains a vulnerability in NVIDIA TegraBoot where a potential heap overflow might allow an attacker to control all the RAM…
CVE-2021-34387 — CVSS 6.3 (medium): The ARM TrustZone Technology on which Trusty is based on contains a vulnerability in access permission settings where the portion of the…
CVE-2021-34386 — CVSS 6.3 (medium): Trusty TLK contains a vulnerability in the NVIDIA TLK kernel where an integer overflow in the calloc size calculation can cause the…
CVE-2021-34385 — CVSS 6.3 (medium): Trusty TLK contains a vulnerability in the NVIDIA TLK kernel where an integer overflow in the calculation of a length could lead to a heap…
CVE-2022-28195 — CVSS 5.7 (medium): NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot ext4_read_file function, where insufficient validation of…
CVE-2022-28193 — CVSS 5.6 (medium): NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot module tegrabl_cbo.c, where insufficient validation of untrusted…
CVE-2021-1112 — CVSS 5.5 (medium): NVIDIA Linux kernel distributions contain a vulnerability in nvmap, where a null pointer dereference may lead to complete denial of service.
CVE-2021-34391 — CVSS 5.3 (medium): Trusty contains a vulnerability in the NVIDIA TLK kernel function where a lack of checks allows the exploitation of an integer overflow…
CVE-2021-34390 — CVSS 5.3 (medium): Trusty contains a vulnerability in the NVIDIA TLK kernel function where a lack of checks allows the exploitation of an integer overflow…
CVE-2026-24153 — CVSS 5.2 (medium): NVIDIA Jetson Linux has a vulnerability in initrd, where the nvluks trusted application is not disabled. A successful exploit of this…
CVE-2021-34389 — CVSS 5.0 (medium): Trusty contains a vulnerability in NVIDIA OTE protocol message parsing code, which is present in all the TAs. An incorrect bounds check can…
CVE-2022-28197 — CVSS 5.0 (medium): NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot ext4_mount function, where Insufficient validation of untrusted…
CVE-2021-1113 — CVSS 4.7 (medium): NVIDIA camera firmware contains a difficult to exploit vulnerability where a highly privileged attacker can cause unauthorized modification…
CVE-2022-28196 — CVSS 4.6 (medium): NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot blob_decompress function, where insufficient validation of…
CVE-2021-1114 — CVSS 4.4 (medium): NVIDIA Linux kernel distributions contain a vulnerability in the kernel crypto node, where use after free may lead to complete denial of…
CVE-2021-34392 — CVSS 4.4 (medium): Trusty TLK contains a vulnerability in the NVIDIA TLK kernel where an integer overflow in the tz_map_shared_mem function can bypass…
CVE-2023-25520 — CVSS 4.4 (medium): NVIDIA Jetson Linux Driver Package contains a vulnerability in nvbootctrl, where a privileged local attacker can configure invalid…
CVE-2021-34393 — CVSS 4.2 (medium): Trusty contains a vulnerability in TSEC TA which deserializes the incoming messages even though the TSEC TA does not expose any command…
CVE-2021-34394 — CVSS 4.2 (medium): Trusty contains a vulnerability in the NVIDIA OTE protocol that is present in all TAs. An incorrect message stream deserialization allows…
CVE-2021-34395 — CVSS 3.9 (low): Trusty TLK contains a vulnerability in its access permission settings where it does not properly restrict access to a resource from a user…
CVE-2021-34396 — CVSS 3.0 (low): Bootloader contains a vulnerability in access permission settings where unauthorized software may be able to overwrite NVIDIA MB2 code…
CVE-2021-34397 — CVSS 1.9 (low): Bootloader contains a vulnerability in NVIDIA MB2, which may cause free-the-wrong-heap, which may lead to limited denial of service.