Lucene search

NvidiaCVELIST:CVE-2021-1106

HistoryAug 11, 2021 - 9:32 p.m.

CVE-2021-1106

2021-08-1121:32:58

nvidia

www.cve.org

nvidia

linux kernel

nvmap

privilege escalation

denial of service

data tampering

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.8

Confidence

High

EPSS

Percentile

12.6%

JSON

NVIDIA Linux kernel distributions contain a vulnerability in nvmap, where writes may be allowed to read-only buffers, which may result in escalation of privileges, complete denial of service, unconstrained information disclosure, and serious data tampering of all processes on the system.

CNA Affected

[
  {
    "product": "Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson Nano, Jetson Nano 2GB, Jetson TX1",
    "vendor": "NVIDIA",
    "versions": [
      {
        "status": "affected",
        "version": "All Jetson Linux versions prior to r32.6.1"
      }
    ]
  },
  {
    "product": "Shield TV",
    "vendor": "NVIDIA",
    "versions": [
      {
        "status": "affected",
        "version": "All versions prior to SE 9.0"
      }
    ]
  }
]

References

nvidia.custhelp.com/app/answers/detail/a_id/5216

nvidia.custhelp.com/app/answers/detail/a_id/5259

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.8

Confidence

High

EPSS

Percentile

12.6%

JSON

Related for CVELIST:CVE-2021-1106