Lucene search

[email protected]NVD:CVE-2021-34375

HistoryJun 30, 2021 - 11:15 a.m.

CVE-2021-34375

2021-06-3011:15:08

CWE-787

[email protected]

web.nvd.nist.gov

trusty

vulnerability

tas

stack cookie

randomized

buffer overflow

denial of service

escalation of privileges

information disclosure

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

CVSS3

6.7

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

12.6%

JSON

Trusty contains a vulnerability in all trusted applications (TAs) where the stack cookie was not randomized, which might result in stack-based buffer overflow, leading to denial of service, escalation of privileges, and information disclosure.

Affected configurations

Nvd

Node

nvidiajetson_linuxRange<32.5.1

AND

nvidiajetson_agx_xavier_16gbMatch-

nvidiajetson_agx_xavier_32gbMatch-

nvidiajetson_agx_xavier_8gbMatch-

nvidiajetson_tx2Match-

nvidiajetson_tx2_4gbMatch-

nvidiajetson_tx2_nxMatch-

nvidiajetson_tx2iMatch-

nvidiajetson_xavier_nxMatch-

VendorProductVersionCPE
nvidiajetson_linux*cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*
nvidiajetson_agx_xavier_16gb-cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*
nvidiajetson_agx_xavier_32gb-cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*
nvidiajetson_agx_xavier_8gb-cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*
nvidiajetson_tx2-cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*
nvidiajetson_tx2_4gb-cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*
nvidiajetson_tx2_nx-cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*
nvidiajetson_tx2i-cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*
nvidiajetson_xavier_nx-cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
nvidia	jetson_linux	*	cpe:2.3:o:nvidia:jetson_linux::::::::
nvidia	jetson_agx_xavier_16gb	-	cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:::::::*
nvidia	jetson_agx_xavier_32gb	-	cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:::::::*
nvidia	jetson_agx_xavier_8gb	-	cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:::::::*
nvidia	jetson_tx2	-	cpe:2.3:h:nvidia:jetson_tx2:-:::::::*
nvidia	jetson_tx2_4gb	-	cpe:2.3:h:nvidia:jetson_tx2_4gb:-:::::::*
nvidia	jetson_tx2_nx	-	cpe:2.3:h:nvidia:jetson_tx2_nx:-:::::::*
nvidia	jetson_tx2i	-	cpe:2.3:h:nvidia:jetson_tx2i:-:::::::*
nvidia	jetson_xavier_nx	-	cpe:2.3:h:nvidia:jetson_xavier_nx:-:::::::*

References

nvidia.custhelp.com/app/answers/detail/a_id/5205

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

CVSS3

6.7

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

12.6%

JSON

Related for NVD:CVE-2021-34375

cve1 cvelist1 prion1 threatpost1 nvidia1