CVE-2026-24148

EUVD-2026-17510
NVIDIA Jetson for JetPack contains a vulnerability in the system initialization logic, where an unprivileged attacker could cause the initialization of a resource with an insecure default. A successful exploit of this vulnerability might lead to information disclosure of encrypted data, data tampering, and partial denial of service across devices sharing the same machine ID.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.3 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 13%
Affected Products (NVD)
VendorProductVersion
nvidiajetson_linux
𝑥
< 35.6.4
nvidiajetson_linux
36.0 ≤
𝑥
< 36.5
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://nvd.nist.gov/vuln/detail/CVE-2026-24148
https://nvidia.custhelp.com/app/answers/detail/a_id/5797
https://www.cve.org/CVERecord?id=CVE-2026-24148