Home
HIGH: 7.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:HDefault status
unaffected
All versions prior to 35.6.4
affected
Default status
unaffected
All versions prior to 36.5
affected
Default status
unaffected
38.2
affected
Description
NVIDIA Jetson Linux has vulnerability in initrd, where an unprivileged attacker with physical access coul inject incorrect command line arguments. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, denial of service, data tampering, and information disclosure.
Problem types
CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Product status
All versions prior to 35.6.4
All versions prior to 36.5
38.2
References
nvd.nist.gov/vuln/detail/CVE-2026-24154
www.cve.org/CVERecord?id=CVE-2026-24154
nvidia.custhelp.com/app/answers/detail/a_id/5797