CVE-2023-25518 - OpenCVE

NVIDIA Jetson contains a vulnerability in CBoot, where the PCIe controller is initialized without IOMMU, which may allow an attacker with physical access to the target device to read and write to arbitrary memory. A successful exploit of this vulnerability may lead to code execution, denial of service, information disclosure, and loss of integrity.

No CVSS v4.0

Attack Vector Physical

Attack Complexity High

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Nvidia	Jetson Agx Xavier Jetson Linux Jetson Xavier Nx

Configuration 1 [-]

AND

cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:nvidia:jetson_agx_xavier:-:::::::*
	cpe:2.3:h:nvidia:jetson_xavier_nx:-:::::::*

No data.

References

Link	Providers
https://https://nvidia.custhelp.com/app/answers/detail/a_id/5466

History

No history.

MITRE

Status: PUBLISHED

Assigner: nvidia

Published: 2023-06-23T17:09:10.859Z

Updated: 2024-08-02T11:25:18.620Z

Reserved: 2023-02-07T02:57:17.084Z

Link: CVE-2023-25518

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2023-06-23T18:15:10.970

Modified: 2023-07-04T01:52:44.287

Link: CVE-2023-25518

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-25518", "assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6", "state": "PUBLISHED", "assignerShortName": "nvidia", "dateReserved": "2023-02-07T02:57:17.084Z", "datePublished": "2023-06-23T17:09:10.859Z", "dateUpdated": "2024-08-02T11:25:18.620Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Jetson AGX Xavier series, Jetson Xavier NX", "vendor": "NVIDIA", "versions": [{"status": "affected", "version": "All versions prior to 32.7.4"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">NVIDIA Jetson contains a vulnerability in CBoot, where the PCIe controller is initialized without IOMMU, which may allow an attacker with physical access to the target device to read and write to arbitrary memory. A successful exploit of this vulnerability may lead to code execution, denial of service, information disclosure, and loss of integrity. </span>\n\n"}], "value": "\nNVIDIA Jetson contains a vulnerability in CBoot, where the PCIe controller is initialized without IOMMU, which may allow an attacker with physical access to the target device to read and write to arbitrary memory. A successful exploit of this vulnerability may lead to code execution, denial of service, information disclosure, and loss of integrity. \n\n"}], "impacts": [{"descriptions": [{"lang": "en", "value": "code execution, denial of service, information disclosure, and loss of integrity"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-923", "description": "CWE-923", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6", "shortName": "nvidia", "dateUpdated": "2023-06-23T17:09:10.859Z"}, "references": [{"url": "https://https://nvidia.custhelp.com/app/answers/detail/a_id/5466"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T11:25:18.620Z"}, "title": "CVE Program Container", "references": [{"url": "https://https://nvidia.custhelp.com/app/answers/detail/a_id/5466", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "4F98866A-11A7-4529-B67F-106637A95767", "versionEndExcluding": "32.7.4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier:-:*:*:*:*:*:*:*", "matchCriteriaId": "5DD3D2AA-2A9F-470D-BB0F-A7B7C2EC2490", "vulnerable": false}, {"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*", "matchCriteriaId": "B0AA5976-FD71-4A53-BD4F-D342E871FEB0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "\nNVIDIA Jetson contains a vulnerability in CBoot, where the PCIe controller is initialized without IOMMU, which may allow an attacker with physical access to the target device to read and write to arbitrary memory. A successful exploit of this vulnerability may lead to code execution, denial of service, information disclosure, and loss of integrity. \n\n"}], "id": "CVE-2023-25518", "lastModified": "2023-07-04T01:52:44.287", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.5, "impactScore": 6.0, "source": "psirt@nvidia.com", "type": "Secondary"}]}, "published": "2023-06-23T18:15:10.970", "references": [{"source": "psirt@nvidia.com", "tags": ["Vendor Advisory"], "url": "https://https://nvidia.custhelp.com/app/answers/detail/a_id/5466"}], "sourceIdentifier": "psirt@nvidia.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-923"}], "source": "psirt@nvidia.com", "type": "Secondary"}]}