Lucene search

[email protected]NVD:CVE-2021-34389

HistoryJun 21, 2021 - 10:15 p.m.

CVE-2021-34389

2021-06-2122:15:07

CWE-401

[email protected]

web.nvd.nist.gov

1.9 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:N/A:N

5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

0.0004 Low

EPSS

Percentile

15.8%

JSON

Trusty contains a vulnerability in NVIDIA OTE protocol message parsing code, which is present in all the TAs. An incorrect bounds check can allow a local user through a malicious client to access memory from the heap in the TrustZone, which may lead to information disclosure.

Affected configurations

NVD

Node

nvidiajetson_agx_xavier_16gbMatch-

nvidiajetson_agx_xavier_32gbMatch-

nvidiajetson_agx_xavier_8gbMatch-

nvidiajetson_tx2Match-

nvidiajetson_tx2_4gbMatch-

nvidiajetson_tx2_nxMatch-

nvidiajetson_tx2iMatch-

nvidiajetson_xavier_nxMatch-developer_kit

nvidiajetson_xavier_nxMatch-production

AND

nvidiajetson_linuxRange<32.5.1

References

nvidia.custhelp.com/app/answers/detail/a_id/5205

1.9 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:N/A:N

5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

0.0004 Low

EPSS

Percentile

15.8%

JSON

Related for NVD:CVE-2021-34389

cvelist1 cnvd1 cve1 prion1 nvidia1