CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
EPSS
Percentile
12.6%
This notice is a response to a published research paper on vulnerabilities in Tegra systems on a chip (SOCs).
Go to NVIDIA Product Security.
This section provides a summary of potential vulnerabilities and their impact. Descriptions use CWE™, and base scores and vectors use CVSS v3.1 standards.
Note:
The NVIDIA risk assessment is based on an average of risk across a diverse set of installed systems and may not represent the true risk to your local installation. NVIDIA recommends consulting a security or IT professional to evaluate the risk to your specific configuration.
Note: Ampere products are not affected
CVE IDs | Hardware Architecture Type* |
---|---|
CVE‑2021‑1125 | Maxwell, Pascal, Volta, Tegra X1, Tegra X1+, Tegra TX2, Xavier |
CVE‑2021‑23217 | Maxwell, GP100, Tegra X1, Tegra X1+, Tegra TX2 |
CVE‑2021‑23219 | Maxwell (except GM206), Tegra X1, Tegra X1+ |
CVE‑2021‑23201 | |
CVE‑2021‑34400 | |
CVE‑2021‑34399 | |
CVE‑2021‑1105 | |
CVE‑2021‑1088 | Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier |
*These vulnerabilities impact both Windows and Linux operating systems
The following table lists NVIDIA products affected.
Product Category | Hardware Architecture Type* | Impacted | Notes |
---|---|---|---|
GPU | Turing, Volta, Pascal, Maxwell | Yes | |
GPU | Kepler | No | Kepler does not contain security features impacted by these vulnerabilities |
GPU | Ampere | No | |
Tegra SoC | Tegra X1, Tegra X1+, Tegra TX2, Xavier | Yes |
*See the table below for the product names corresponding to the architecture for each segment.
Hardware Architecture | Product Name |
---|---|
Turing | GeForce RTX 20-series, GeForce GTX 16-series, Titan RTX |
Volta | Titan V Series |
Pascal (except P100) | GeForce GTX 10-series, Titan X, Titan Xp |
Maxwell, Pascal P100 | GeForce 900-series, GeForce GTX Titan X |
Kepler | GeForce 600-series, GeForce 700-series, GTX Titan, GTX Titan Black, GTX Titan Z |
Hardware Architecture | Product Name |
---|---|
Turing | NVIDIA T4 |
Volta | Tesla V100 (16GB, 32GB), Tesla V100S, HGX-2 |
Pascal (except GP100) | Tesla P40, Tesla P6, Tesla P4 |
Maxwell, Pascal GP100 | Tesla P100 (12GB, 16GB) Tesla M_xx_, Tesla M_xxxx_ |
Kepler | Tesla Kxx/Kxxx, GRID Kx/Kxxx |
Hardware Architecture | Product Name |
---|---|
Turing | NVIDIA Quadro RTX_xxxx_, NVIDIA Quadro T-series, NVIDIA T-series |
Volta | NVIDIA Quadro GV100 |
Pascal (except GP100) | NVIDIA Quadro P-series (P_xx_/P_xxx_) |
Maxwell, Pascal GP100 | NVIDIA Quadro M-series (M_xx_/M_xxx_) |
Kepler | NVIDIA Quadro K-series (K_xx_/K_xxx_) |
Hardware Architecture | Product Name |
---|---|
Xavier | Jetson Xavier Series, Jetson Xavier NX |
Tegra TX2 | Jetson TX2 Series |
Tegra X1 | Jetson Nano Series, Jetson TX1 |
Hardware Architecture | Product Name |
---|---|
Tegra X1, Tegra X1+ | SHIELD TV - All Versions |
Hardware Architecture | Product Name |
---|---|
Volta | NVIDIA DGX-1 (with V100), NVIDIA DGX-2, NVIDIA DGX Station |
Pascal GP100 | NVIDIA DGX-1 (with P100) |
Hardware Architecture | Product Name |
---|---|
Turing | NVIDIA DRIVE Constellation |
NVIDIA recommends following security best practices for managing access to computer systems. Limit administrative and kernel access to trusted users only.
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
EPSS
Percentile
12.6%