NVIDIA Isaac Launchable is a software development kit for building autonomous vehicles. It allows developers to create and test AI models in a simulated environment. The vulnerability discovered in NVIDIA Isaac Launchable enables an attacker to execute code with unnecessary privileges, potentially leading to code execution, privilege escalation, denial of service, information disclosure, and data tampering.
You're affected if you use NVIDIA Isaac Launchable version 3.0.1 or earlier (version info not specified in the advisory). To check if your system is affected, run nvidia-isaac-launchable --version to verify the installed version.
To fix this vulnerability, upgrade to NVIDIA Isaac Launchable version 3.0.2 or later. You can download the latest version from the NVIDIA website. If an immediate upgrade isn't possible, consider implementing the following mitigations: