Vulnerabilites related to nvidia - jetson_tx1_firmware
Vulnerability from fkie_nvd
Published
2019-07-19 20:15
Modified
2024-11-21 04:45
Severity ?
Summary
In NVIDIA Jetson TX1 L4T R32 version branch prior to R32.2, Tegra bootloader contains a vulnerability in nvtboot in which the nvtboot-cpu image is loaded without the load address first being validated, which may lead to code execution, denial of service, or escalation of privileges.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_tx1_firmware | * | |
| nvidia | jetson_tx1 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:jetson_tx1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "87211101-FEC0-4248-94AC-65E2E81442E6",
"versionEndExcluding": "r32.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86D1FDAD-C594-43D9-9BF6-F7461177AB91",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In NVIDIA Jetson TX1 L4T R32 version branch prior to R32.2, Tegra bootloader contains a vulnerability in nvtboot in which the nvtboot-cpu image is loaded without the load address first being validated, which may lead to code execution, denial of service, or escalation of privileges."
},
{
"lang": "es",
"value": "En Jetson TX1 L4T rango de versi\u00f3n de R32 anterior a R32.2 de NVIDIA, el cargador de arranque Tegra contiene una vulnerabilidad en nvtboot en la que se carga la imagen nvtboot-cpu sin que la direcci\u00f3n de carga sea comprobada primero, lo que puede conllevar a la ejecuci\u00f3n del c\u00f3digo, la denegaci\u00f3n del servicio o la escalada de privilegios."
}
],
"id": "CVE-2019-5680",
"lastModified": "2024-11-21T04:45:20.120",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-07-19T20:15:12.383",
"references": [
{
"source": "psirt@nvidia.com",
"url": "http://www.securityfocus.com/bid/109341"
},
{
"source": "psirt@nvidia.com",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4804"
},
{
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4835"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/109341"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4804"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4835"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-03-26 16:29
Modified
2024-11-21 03:29
Severity ?
Summary
NVIDIA Tegra kernel contains a vulnerability in the CORE DVFS Thermal driver where there is the potential to read or write a buffer using an index or pointer that references a memory location after the end of the buffer, which may lead to a denial of service or possible escalation of privileges.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_tx1_firmware | * | |
| nvidia | jetson_tx1 | - | |
| nvidia | jetson_tx1_firmware | * | |
| nvidia | jetson_tx1 | - | |
| nvidia | jetson_tk1_firmware | * | |
| nvidia | jetson_tk1 | - | |
| nvidia | tegra_k1_firmware | * | |
| nvidia | tegra_k1 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:jetson_tx1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "793B313B-6FB5-4F93-881F-FF642DBCC010",
"versionEndIncluding": "24.2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86D1FDAD-C594-43D9-9BF6-F7461177AB91",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:jetson_tx1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF603C72-0BD8-4B30-93C8-10EB14843961",
"versionEndIncluding": "28.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86D1FDAD-C594-43D9-9BF6-F7461177AB91",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:jetson_tk1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB7AB0B7-97FA-43BD-9848-0D32ECAE6549",
"versionEndIncluding": "21.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:jetson_tk1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "810B05A3-29CF-464F-9E63-8238AA0651AF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:tegra_k1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BBF80A23-E509-4327-BE03-8F9C440DDCC3",
"versionEndIncluding": "21.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:tegra_k1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "839C2B2C-58AA-451A-BAEF-855D4F6DC852",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA Tegra kernel contains a vulnerability in the CORE DVFS Thermal driver where there is the potential to read or write a buffer using an index or pointer that references a memory location after the end of the buffer, which may lead to a denial of service or possible escalation of privileges."
},
{
"lang": "es",
"value": "El kernel de NVIDIA Tegra contiene una vulnerabilidad en el controlador CORE DVFS Thermal, donde existe la posibilidad de que se produzca una lectura o escritura de b\u00fafer empleando un \u00edndice o un puntero que haga referencia a una ubicaci\u00f3n en la memoria despu\u00e9s del final del b\u00fafer, lo que puede conducir a una denegaci\u00f3n de servicio (DoS) o a un posible escalado de privilegios."
}
],
"id": "CVE-2017-6278",
"lastModified": "2024-11-21T03:29:25.907",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-03-26T16:29:00.287",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4635"
},
{
"source": "psirt@nvidia.com",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4635"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2019-5680
Vulnerability from cvelistv5
Published
2019-07-19 19:57
Modified
2024-08-04 20:01
Severity ?
EPSS score ?
Summary
In NVIDIA Jetson TX1 L4T R32 version branch prior to R32.2, Tegra bootloader contains a vulnerability in nvtboot in which the nvtboot-cpu image is loaded without the load address first being validated, which may lead to code execution, denial of service, or escalation of privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/4835 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/109341 | vdb-entry, x_refsource_BID | |
| https://nvidia.custhelp.com/app/answers/detail/a_id/4804 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | NVIDIA | NVIDIA Jetson TX1 |
Version: R32 versions prior to 32.2 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:01:52.198Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4835"
},
{
"name": "109341",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/109341"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4804"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NVIDIA Jetson TX1",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "R32 versions prior to 32.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In NVIDIA Jetson TX1 L4T R32 version branch prior to R32.2, Tegra bootloader contains a vulnerability in nvtboot in which the nvtboot-cpu image is loaded without the load address first being validated, which may lead to code execution, denial of service, or escalation of privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "code execution/denial of service/escalation of privileges",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-02T21:06:06",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4835"
},
{
"name": "109341",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/109341"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4804"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"ID": "CVE-2019-5680",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NVIDIA Jetson TX1",
"version": {
"version_data": [
{
"version_value": "R32 versions prior to 32.2"
}
]
}
}
]
},
"vendor_name": "NVIDIA"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In NVIDIA Jetson TX1 L4T R32 version branch prior to R32.2, Tegra bootloader contains a vulnerability in nvtboot in which the nvtboot-cpu image is loaded without the load address first being validated, which may lead to code execution, denial of service, or escalation of privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "code execution/denial of service/escalation of privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4835",
"refsource": "CONFIRM",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4835"
},
{
"name": "109341",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/109341"
},
{
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4804",
"refsource": "CONFIRM",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4804"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2019-5680",
"datePublished": "2019-07-19T19:57:04",
"dateReserved": "2019-01-07T00:00:00",
"dateUpdated": "2024-08-04T20:01:52.198Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-6278
Vulnerability from cvelistv5
Published
2018-03-26 16:00
Modified
2024-09-17 00:10
Severity ?
EPSS score ?
Summary
NVIDIA Tegra kernel contains a vulnerability in the CORE DVFS Thermal driver where there is the potential to read or write a buffer using an index or pointer that references a memory location after the end of the buffer, which may lead to a denial of service or possible escalation of privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| http://nvidia.custhelp.com/app/answers/detail/a_id/4635 | x_refsource_CONFIRM | |
| https://nvidia.custhelp.com/app/answers/detail/a_id/4787 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Nvidia Corporation | NVIDIA Tegra |
Version: N/A |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:25:48.439Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4635"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NVIDIA Tegra",
"vendor": "Nvidia Corporation",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
}
],
"datePublic": "2018-03-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "NVIDIA Tegra kernel contains a vulnerability in the CORE DVFS Thermal driver where there is the potential to read or write a buffer using an index or pointer that references a memory location after the end of the buffer, which may lead to a denial of service or possible escalation of privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of service Escalation of privileges",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-02T17:06:08",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4635"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"DATE_PUBLIC": "2018-03-20T00:00:00",
"ID": "CVE-2017-6278",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NVIDIA Tegra",
"version": {
"version_data": [
{
"version_value": "N/A"
}
]
}
}
]
},
"vendor_name": "Nvidia Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NVIDIA Tegra kernel contains a vulnerability in the CORE DVFS Thermal driver where there is the potential to read or write a buffer using an index or pointer that references a memory location after the end of the buffer, which may lead to a denial of service or possible escalation of privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of service Escalation of privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4635",
"refsource": "CONFIRM",
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4635"
},
{
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787",
"refsource": "CONFIRM",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2017-6278",
"datePublished": "2018-03-26T16:00:00Z",
"dateReserved": "2017-02-23T00:00:00",
"dateUpdated": "2024-09-17T00:10:50.586Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}