Impact
The Linux kernel module for NVIDIA Tegra’s Crossbar Bridge (cbb) was incorrectly using the base address of one fabric while accessing registers belonging to another fabric during an error interrupt. This caused the kernel to dereference an invalid address and triggered a page fault. The fault leads to an unhandled kernel exception, resulting in a system crash and denial of service for any processes running on the affected device. The flaw is a kernel‑space memory access bug that can be exploited if the error interrupt can be triggered, but it does not provide arbitrary code execution.
Affected Systems
All Linux kernel builds that contain the Tegra Soc cbb driver are susceptible, as the vulnerability is tied to the general cross‑fabric target timeout lookup logic rather than a specific release. Systems with NVIDIA Tegra SoCs that use the soc/tegra: cbb driver, such as various embedded and mobile platforms, fall into this category. No version restrictions were supplied in the data, so any installation running the affected driver code is at risk.
Risk and Exploitability
The CVSS score of 5.5 indicates a moderate severity, and the EPSS score of < 1% suggests a very low likelihood of exploitation in the wild. It is not listed in CISA’s KEV catalog, implying no known active exploitation. The likely attack vector requires an attacker to trigger a fabric error interrupt that leads to an incorrect base address lookup; this is generally a local or privileged operation within the kernel. Though remote exploitation is improbable, any kernel crash immediately terminates all user processes, creating a denial of service that could impact availability of the device. In the absence of a current exploitation record, the risk remains moderate until a patch is applied.
OpenCVE Enrichment