11 matches found
CVE-2018-3639
CVE-2018-3639 is a speculative execution side‑channel vulnerability (SSB) that can leak memory via speculative stores. The Connected ALMA doc notes a mitigation: SSB is disabled by the new alt-java launcher, reducing impact at the cost of performance, and it references OpenJDK 8u282 as part of th...
CVE-2017-1000251
CVE-2017-1000251 affects the Linux kernel Bluetooth subsystem (BlueZ) in L2CAP processing, causing a stack buffer overflow when handling configuration responses. Affected range includes kernels from 2.6.32 up to 4.13.1. Exploitation could crash the system or, in some deployments, allow remote cod...
CVE-2021-23201
CVE-2021-23201 describes a vulnerability in an internal microcontroller of NVIDIA GPU and Tegra hardware that could allow a user with elevated privileges to generate valid microcode by identifying, exploiting and loading vulnerable microcode. The impact could include information disclosure, data ...
CVE-2019-5672
CVE-2019-5672 affects NVIDIA Jetson TX1/TX2 running Linux for Tegra (L4T) prior to R28.3, where SSH keys in the sample rootfs are not replaced with unique host keys after generation/flash, potentially leading to information disclosure. The NVIDIA Security Bulletin lists updates for Jetson TX1/TX2...
CVE-2021-1105
CVE-2021-1105 affects NVIDIA GPU and Tegra hardware, stemming from a vulnerability in the internal microcontroller that could allow a user with elevated privileges to access debug registers at runtime, potentially leading to information disclosure. Connected documents corroborate that the impact ...
CVE-2021-1088
Summary: CVE-2021-1088 affects NVIDIA GPU/Tegra hardware via an internal microcontroller vulnerability that may allow a user with elevated privileges to exploit debug mechanisms with insufficient access control, potentially leading to information disclosure. The CVE applies to multiple NVIDIA arc...
CVE-2021-1125
CVE-2021-1125 affects NVIDIA GPU and Tegra hardware. A vulnerability in the internal microcontroller could allow a user with elevated privileges (local access, HIGH privileges) to corrupt program data. The public records describe this as a local impact with no user interaction, and the CVSS/metri...
CVE-2021-23219
CVE-2021-23219 affects NVIDIA GPU and Tegra hardware via an internal microcontroller vulnerability. The issue could allow a user with elevated privileges to access protected information by identifying, exploiting, and loading vulnerable microcode, potentially leading to information disclosure. Af...
CVE-2021-34399
The CVE-2021-34399 entry refers to a vulnerability in NVIDIA GPU and Tegra hardware where an internal microcontroller could permit a user with elevated privileges to access information from unscrubbed registers, potentially leading to information disclosure. Connected NVIDIA materials enumerate a...
CVE-2021-23217
NVIDIA CVE-2021-23217 affects GPU/Tegra hardware with an internal microcontroller flaw that may let an elevated-privilege user instantiate a DMA write within a specific time window, potentially corrupting code execution and impacting confidentiality, integrity, or availability. Affected architect...
CVE-2021-34400
The CVE-2021-34400 entry describes a vulnerability in the internal microcontroller of NVIDIA GPU and Tegra hardware that may allow a user with elevated privileges to access information from unscrubbed memory, leading to information disclosure. Affected components include NVIDIA GPU and Tegra micr...