I have some questions about CVE-2017-6264:

  1. Does CVE-2017-6264 affect the Jetson Nano?
  2. Is CVE-2017-6264 fixed in L4T 32.7.3 / JetPack 4.6.3?
  3. Are there any known mitigations?

Also when will NVIDIA ship the latest bug fixes for the 4.9 kernel (Linux v4.9.337)?

hello roger1,

you may check this… NVIDIA Product Security | NVIDIA
however, CVE-2017-6264 it address the issue on Android, this CVE does not apply to software in Ubuntu archives.

what’s the issue you’re mentioned? did you meant the upstream kernel fixes?

Thanks for the clarification @JerryChang!

L4T 32.7.3 contains Linux v4.9.299. My question is when will NVIDIA provide L4T with v4.9.337 for the Jetson Nano.

hello roger1,

please refer to JetPack Archive | NVIDIA Developer.
since rel-32 code-line it’s quite old, and it doesn’t support with the latest Jetson platforms.
so… I don’t have solid release date about next rel-32 code-line update.

Thanks for the answers @JerryChang.

It’s a shame that NVIDIA abandoned the software support for Jetson Nano before it’s EOL.
This has led my company to decide to move away from Tegra processors for future products.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.