Primary

Context

NVIDIA Jetson Linux Command Line Argument Injection Vulnerability in initrd Allowing Privilege Escalation and Code Execution

Vulnerability

Patched

A vulnerability exists in the initialization ramdisk (initrd) of NVIDIA Jetson Linux. This issue allows an unprivileged attacker with physical access to inject incorrect command line arguments. Exploitation of this vulnerability could result in unauthorized code execution, escalation of privileges, denial of service, data tampering, and information disclosure.

Impact

Exploitation of this vulnerability could lead to unauthorized code execution, elevated privileges, denial of service, data tampering, and unauthorized information disclosure.

Remediation

Users can download and install the latest software update from the APT server, the Jetson Download Center, or the IGX Download Center. Instructions for accessing these resources are available on the NVIDIA Product Security website.

Added: Mar 31, 2026, 5:28 PM

Updated: Mar 31, 2026, 5:28 PM

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

7.5

exploitability

3.5

remediation

7.7

relevance

5.0

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

7.5

exploitability

3.5

remediation

7.7

relevance

5.0

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

NVIDIA Jetson Linux Command Line Argument Injection Vulnerability in initrd Allowing Privilege Escalation and Code Execution

Vulnerability

Impact

Remediation

Affected Products

NVIDIA Jetson Linux

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating