CVE-2026-24154

HIGH 7.6

CVSS Score

7.6

EPSS Score

0.0%

EPSS Percentile

0th

NVIDIA Jetson Linux has vulnerability in initrd, where an unprivileged attacker with physical access coul inject incorrect command line arguments. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, denial of service, data tampering, and information disclosure.

CWE	CWE-78
Vendor	nvidia
Product	jetson xavier series, jetson orin series and jetson thor
Published	Mar 31, 2026
Last Updated	Mar 31, 2026

Stay Ahead of the Next One

Get instant alerts for nvidia jetson xavier series, jetson orin series and jetson thor

Be the first to know when new high vulnerabilities affecting nvidia jetson xavier series, jetson orin series and jetson thor are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Attack Vector

Physical

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

Affected Versions

NVIDIA / Jetson Xavier Series, Jetson Orin Series and Jetson Thor

All versions prior to 35.6.4

NVIDIA / Jetson Xavier Series, Jetson Orin Series and Jetson Thor

All versions prior to 36.5

NVIDIA / Jetson Xavier Series, Jetson Orin Series and Jetson Thor

38.2

References

NVD ↗ CVE.org ↗ EPSS Data ↗

nvd.nist.gov: https://nvd.nist.gov/vuln/detail/CVE-2026-24154 cve.org: https://www.cve.org/CVERecord?id=CVE-2026-24154 nvidia.custhelp.com: https://nvidia.custhelp.com/app/answers/detail/a_id/5797