Lucene search

[email protected]CVE-2021-23217

HistoryNov 20, 2021 - 3:15 p.m.

CVE-2021-23217

2021-11-2015:15:07

[email protected]

web.nvd.nist.gov

nvidia

gpu

tegra

hardware

vulnerability

microcontroller

dma write operation

code execution

corruption

confidentiality

integrity

availability.

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

7.5 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

12.7%

JSON

NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller, which may allow a user with elevated privileges to instantiate a DMA write operation only within a specific time window timed to corrupt code execution, which may impact confidentiality, integrity, or availability. The scope impact may extend to other components.

Affected configurations

NVD

Node

nvidiageforce_gt_605Match-

nvidiageforce_gt_610Match-

nvidiageforce_gt_620Match-

nvidiageforce_gt_625Match-

nvidiageforce_gt_630Match-

nvidiageforce_gt_635Match-

nvidiageforce_gt_640Match-

nvidiageforce_gt_705Match-

nvidiageforce_gt_710Match-

nvidiageforce_gt_720Match-

nvidiageforce_gt_730Match-

nvidiageforce_gt_740Match-

nvidiageforce_gtx_645Match-

nvidiageforce_gtx_650Match-

nvidiageforce_gtx_650_tiMatch-

nvidiageforce_gtx_650_ti_boostMatch-

nvidiageforce_gtx_660Match-

nvidiageforce_gtx_660_tiMatch-

nvidiageforce_gtx_670Match-

nvidiageforce_gtx_680Match-

nvidiageforce_gtx_690Match-

nvidiageforce_gtx_745Match-

nvidiageforce_gtx_750Match-

nvidiageforce_gtx_750_tiMatch-

nvidiageforce_gtx_760Match-

nvidiageforce_gtx_760_tiMatch-

nvidiageforce_gtx_770Match-

nvidiageforce_gtx_780Match-

nvidiageforce_gtx_780_tiMatch-

nvidiageforce_gtx_950Match-

nvidiageforce_gtx_960Match-

nvidiageforce_gtx_970Match-

nvidiageforce_gtx_980Match-

nvidiageforce_gtx_titan_xMatch-

nvidiagtx_titanMatch-

nvidiagtx_titan_blackMatch-

nvidiagtx_titan_zMatch-

nvidiajetson_nanoMatch-

nvidiajetson_nanoMatch--

nvidiajetson_nanoMatch-developer_kit

nvidiajetson_tx1Match-

nvidiaquadro_m1000mMatch-

nvidiaquadro_m1200Match-

nvidiaquadro_m2000Match-

nvidiaquadro_m2000mMatch-

nvidiaquadro_m2200Match-

nvidiaquadro_m3000mMatch-

nvidiaquadro_m4000Match-

nvidiaquadro_m4000mMatch-

nvidiaquadro_m5000Match-

nvidiaquadro_m5000mMatch-

nvidiaquadro_m500mMatch-

nvidiaquadro_m520Match-

nvidiaquadro_m5500Match-

nvidiaquadro_m6000Match-

nvidiaquadro_m600mMatch-

nvidiaquadro_m620Match-

nvidiashield_tvMatch-

nvidiashield_tv_proMatch-

nvidiatesla_m10Match-

nvidiatesla_m4Match-

nvidiatesla_m40Match-

nvidiatesla_m6Match-

nvidiatesla_m60Match-

nvidiatesla_p100Match-

AND

linuxlinux_kernelMatch-

microsoftwindowsMatch-

CPENameOperatorVersion
nvidia:geforce_gt_605nvidia geforce gt 605eq-
nvidia:geforce_gt_610nvidia geforce gt 610eq-
nvidia:geforce_gt_620nvidia geforce gt 620eq-
nvidia:geforce_gt_625nvidia geforce gt 625eq-
nvidia:geforce_gt_630nvidia geforce gt 630eq-
nvidia:geforce_gt_635nvidia geforce gt 635eq-
nvidia:geforce_gt_640nvidia geforce gt 640eq-
nvidia:geforce_gt_705nvidia geforce gt 705eq-
nvidia:geforce_gt_710nvidia geforce gt 710eq-
nvidia:geforce_gt_720nvidia geforce gt 720eq-

CPE	Name	Operator	Version
nvidia:geforce_gt_605	nvidia geforce gt 605	eq	-
nvidia:geforce_gt_610	nvidia geforce gt 610	eq	-
nvidia:geforce_gt_620	nvidia geforce gt 620	eq	-
nvidia:geforce_gt_625	nvidia geforce gt 625	eq	-
nvidia:geforce_gt_630	nvidia geforce gt 630	eq	-
nvidia:geforce_gt_635	nvidia geforce gt 635	eq	-
nvidia:geforce_gt_640	nvidia geforce gt 640	eq	-
nvidia:geforce_gt_705	nvidia geforce gt 705	eq	-
nvidia:geforce_gt_710	nvidia geforce gt 710	eq	-
nvidia:geforce_gt_720	nvidia geforce gt 720	eq	-

Rows per page:

1-10 of 631

CNA Affected

[
  {
    "product": "NVIDIA GPU and Tegra hardware",
    "vendor": "NVIDIA",
    "versions": [
      {
        "status": "affected",
        "version": "Maxwell, GP100, Tegra X1, Tegra X1+, Tegra TX2"
      }
    ]
  }
]

References

nvidia.custhelp.com/app/answers/detail/a_id/5263

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

7.5 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

12.7%

JSON

Related for CVE-2021-23217

cvelist1 nvd1 prion1 nvidia1