Lucene search

NvidiaCVELIST:CVE-2021-34394

HistoryJun 22, 2021 - 9:25 p.m.

CVE-2021-34394

2021-06-2221:25:29

nvidia

www.cve.org

4.2 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H

7.1 High

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.2%

JSON

Trusty contains a vulnerability in the NVIDIA OTE protocol that is present in all TAs. An incorrect message stream deserialization allows an attacker to use the malicious CA that is run by the user to cause the buffer overflow, which may lead to information disclosure and data modification.

CNA Affected

[
  {
    "product": "NVIDIA Jetson TX2 series, TX2 NX, AGX Xavier series, Xavier NX",
    "vendor": "NVIDIA",
    "versions": [
      {
        "status": "affected",
        "version": "All Jetson Linux versions prior to  r32.5.1"
      }
    ]
  }
]

References

nvidia.custhelp.com/app/answers/detail/a_id/5205

4.2 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H

7.1 High

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.2%

JSON

Related for CVELIST:CVE-2021-34394