Lucene search

NvidiaCVELIST:CVE-2021-34381

HistoryJun 30, 2021 - 10:24 a.m.

CVE-2021-34381

2021-06-3010:24:34

nvidia

www.cve.org

trusty tlk

nvidia

kernel function

vulnerability

integer overflow

denial of service

information disclosure

data tampering

CVSS3

6.7

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

AI Score

7.9

Confidence

High

EPSS

Percentile

12.6%

JSON

Trusty TLK contains a vulnerability in the NVIDIA TLK kernel function where a lack of checks allows the exploitation of an integer overflow on the size parameter of the tz_map_shared_mem function, which might lead to denial of service, information disclosure, or data tampering.

CNA Affected

[
  {
    "product": "NVIDIA Jetson TX1",
    "vendor": "NVIDIA",
    "versions": [
      {
        "status": "affected",
        "version": "All Jetson Linux versions prior to r32.5.1"
      }
    ]
  }
]

References

nvidia.custhelp.com/app/answers/detail/a_id/5205

CVSS3

6.7

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

AI Score

7.9

Confidence

High

EPSS

Percentile

12.6%

JSON

Related for CVELIST:CVE-2021-34381