PT-2020-18864 · Nvidia · Nvidia Jetpack Sdk

Michael De Gans

Published

2020-07-08

Updated

2020-07-14

CVE-2020-5974

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions NVIDIA JetPack SDK versions 4.2 through 4.3

Description The issue is related to incorrect permissions set on certain directories by the installation scripts, potentially leading to escalation of privileges.

Recommendations For NVIDIA JetPack SDK versions 4.2 through 4.3, manually correct the permissions on the affected directories to prevent privilege escalation. As a temporary workaround, consider restricting access to the affected directories until a patch is available.

Fix

Incorrect Default Permissions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-276

Related Identifiers

CVE-2020-5974

Affected Products

Nvidia Jetpack Sdk

PT-2020-18864 · Nvidia · Nvidia Jetpack Sdk

CVE-2020-5974

Weakness Enumeration

Related Identifiers

Affected Products

References · 3