CVE-2026-24153
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
31/03/2026
Last modified:
03/04/2026
Description
NVIDIA Jetson Linux has a vulnerability in initrd, where the nvluks trusted application is not disabled. A successful exploit of this vulnerability might lead to information disclosure.
Impact
Base Score 3.x
5.20
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:* | 35.6.4 (excluding) | |
| cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:* | 36.0 (including) | 36.5 (excluding) |
| cpe:2.3:o:nvidia:jetson_linux:38.2:*:*:*:*:*:*:* | ||
| cpe:2.3:h:nvidia:jetson_agx_orin_32gb:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:nvidia:jetson_agx_orin_64gb:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:nvidia:jetson_agx_orin_developer_kit:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:nvidia:jetson_agx_orin_industrial:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:nvidia:jetson_agx_thor_developer_kit:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:nvidia:jetson_agx_xavier_64gb:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:nvidia:jetson_agx_xavier_industrial:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:nvidia:jetson_orin_nano_4gb:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:nvidia:jetson_orin_nano_8gb:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:nvidia:jetson_orin_nano_super_developer_kit:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:nvidia:jetson_orin_nx_16gb:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page