All the vulnerabilites related to nvidia - jetson_tx2_nx
Vulnerability from fkie_nvd
Published
2021-06-30 11:15
Modified
2024-11-21 06:10
Severity ?
6.4 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Bootloader contains a vulnerability in NVIDIA MB2 where a potential heap overflow might lead to denial of service or escalation of privileges.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_linux | * | |
| nvidia | jetson_agx_xavier_16gb | - | |
| nvidia | jetson_agx_xavier_32gb | - | |
| nvidia | jetson_agx_xavier_8gb | - | |
| nvidia | jetson_tx2 | - | |
| nvidia | jetson_tx2_4gb | - | |
| nvidia | jetson_tx2_nx | - | |
| nvidia | jetson_tx2i | - | |
| nvidia | jetson_xavier_nx | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8941F71-0292-414E-AEA5-DD55EA3C2009",
"versionEndExcluding": "32.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0E081CB-B6EC-42DC-BA04-BCA13C17D190",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F92D471-8E65-41FC-A5DE-255136F6F989",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E29459F7-997A-4B87-9164-6E3B5158ADC3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71994F94-5279-4107-99F5-48990AE0C686",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64C3FB58-08AA-4FE4-97BE-21B254BA229F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DF55ABB-1B4F-452E-9D84-C01A638F88A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0AA5976-FD71-4A53-BD4F-D342E871FEB0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Bootloader contains a vulnerability in NVIDIA MB2 where a potential heap overflow might lead to denial of service or escalation of privileges."
},
{
"lang": "es",
"value": "El cargador de arranque contiene una vulnerabilidad en NVIDIA MB2 donde un potencial desbordamiento de pila podr\u00eda conllevar a una denegaci\u00f3n de servicio o una escalada de privilegios"
}
],
"id": "CVE-2021-34383",
"lastModified": "2024-11-21T06:10:16.950",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.5,
"impactScore": 5.9,
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-30T11:15:08.800",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-11-20 15:15
Modified
2024-11-21 05:43
Severity ?
4.1 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
Summary
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to corrupt program data.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:dgx-1_p100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47EAF1F2-41D7-4F6F-A6F4-CDC36F544204",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:dgx-1_v100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBFD6294-13E6-4615-8BB0-7863CC5E62B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:dgx-2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2578180E-CD9E-4D45-B092-CEFDC3653878",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:dgx_station_a100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "96A05233-855C-4099-BF73-0D04F8F58A44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_605:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A6FE1DB-4930-46B5-868D-4445EF312A33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B600A94B-877D-42BA-B4F7-360198F3ECF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_620:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36438CBB-37FB-455B-AE50-D68726E092BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_625:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC98A0F7-89B0-4BE0-A6EE-58EA39781E53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_630:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B8C2CAC-B37E-47AD-AF02-C6BF5952DF87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_635:-:*:*:*:*:*:*:*",
"matchCriteriaId": "635D27CF-65F3-4166-867E-7FD25EEE5303",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_640:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95DB79D1-C580-4A62-B177-7E47737147F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_705:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0225FE8D-16A7-4400-94F2-CE857D2255C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B72BBAC-CEBD-4405-B1EC-7535794FF5EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_720:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC9048C-F848-48AD-BD5D-59D36E684949",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2C9365F-B4A5-4EA2-917B-2F07457017EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_740:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21FE9995-2F38-4257-9FE1-2495D05D1993",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D835EE77-6031-40D6-8305-F962F42E7018",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1050_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49C8D547-A817-4A62-9045-789843998A18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0ED6F8E-1F82-4C50-9EEF-A5F58DB440AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E884CEDD-CAA5-489D-A526-B628BB3DE460",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1070_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73F427BC-F15D-443D-B7F8-B0BB0C52C427",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E3455DE-4408-4603-86B2-5ECE76ED459C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1080_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57CA2FAC-9170-4E68-B6A6-E2CD9CCF0600",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_645:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C519FF2F-0AE9-4290-8115-F60EB9B830C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D0E7C6F-C42F-40E1-9DF1-2ED17938DCC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_650_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A978D1E-BD96-4534-83FE-434F0157AB54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_650_ti_boost:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FCD9648-DA33-4F4F-9AC7-7FB826205729",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_660:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89B38FD5-B548-4BF7-8E35-37701320569C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_660_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AD0960F-EBEF-4876-8DC6-7B42B799105F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4A4F5E65-0E6F-47FD-8E5B-D00D5F82D467",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_680:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07F9F2F5-AE1B-4BE5-8D6B-D16967A208F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_690:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8416729C-0339-4B1C-99AC-C132D45744C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_745:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E733A3A-347E-4147-89AE-9EEC9B4DB787",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDC42D37-5DDE-4545-A4B9-7701749C0982",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_750_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F2F1B32-CFEE-4417-843D-880302E4D6FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_760:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5176FD7-C3F6-4642-831C-1FE33D3E3B35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_760_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F61534DC-EA6D-42E8-9AE5-AE6420906318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_770:-:*:*:*:*:*:*:*",
"matchCriteriaId": "530C2C04-A37D-442C-BB0E-BEA01864D73C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_780:-:*:*:*:*:*:*:*",
"matchCriteriaId": "22A5378C-2395-4D23-BD06-0995C5637857",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_780_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D651C50E-63D1-4FC6-8EEA-095E17A1342A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_950:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52379F40-A0B8-404F-8187-26D085F3568A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_960:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29D0D308-1A59-4D8C-930C-2B480E718FB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_970:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B957ED4F-2A0E-4E6E-AF06-CC09722A4008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_980:-:*:*:*:*:*:*:*",
"matchCriteriaId": "280BE7CC-3E8C-4630-BDA3-CFC409C2E5A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_titan_x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A7ED258-77DC-45FA-B6AE-B9310049ECDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:gtx_titan:-:*:*:*:*:*:*:*",
"matchCriteriaId": "114895F2-AE45-4A46-BCFF-FD7C2573D88B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:gtx_titan_black:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4A83155-9EA1-4F67-803F-3F8F692C6729",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:gtx_titan_z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FED1874A-9E4B-4725-A130-6CA872D491CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0E081CB-B6EC-42DC-BA04-BCA13C17D190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F92D471-8E65-41FC-A5DE-255136F6F989",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E29459F7-997A-4B87-9164-6E3B5158ADC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_nano:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B2B041F-21A8-4F0B-BBAF-7CDD8B911547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_nano:-:*:-:*:*:*:*:*",
"matchCriteriaId": "9244F123-8518-4D81-AD26-5695F27F413B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_nano:-:*:developer_kit:*:*:*:*:*",
"matchCriteriaId": "80BF53A0-8FDF-4827-9C00-ED082C4A68C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86D1FDAD-C594-43D9-9BF6-F7461177AB91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71994F94-5279-4107-99F5-48990AE0C686",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64C3FB58-08AA-4FE4-97BE-21B254BA229F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DF55ABB-1B4F-452E-9D84-C01A638F88A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0AA5976-FD71-4A53-BD4F-D342E871FEB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:developer_kit:*:*:*:*:*",
"matchCriteriaId": "3E54B955-F0E2-44BD-9B8C-3C788BBCF2A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:production:*:*:*:*:*",
"matchCriteriaId": "3E0C93C3-26F6-48E4-BADA-4DB05A7BA9D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:nvidia_hgx-2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D697CF9-CBAE-4E29-AA3C-50FEDEB4F20E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_gv100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A30CCD00-60D7-42B5-B88C-AF2BD81B796F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3896B47E-8787-45D2-96B3-BF4892780F35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1E9293F-C51A-40B0-9461-83A31366C8C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "316C9573-7C7D-4429-8563-B74FD752AC51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FEC13EF-BB2F-4ED2-BC8B-8234ABAEEE02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m2200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E607C924-1682-4348-B6BF-31912E3A3D13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5E13B65-F61B-44D4-B1D7-1E96D9CB45BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76ABA317-6621-4D57-874F-307451EC9C2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "477D72B5-A3EA-440A-B495-8A09E8564E8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B507EE-F005-4806-A8FC-8C8D9A31B0DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAD67DC6-AA36-4F93-B8DB-77EB8C153BCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E707A80B-6482-47DD-8BF3-6E58BC2C697A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m520:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F5E94B4-0DF1-4F79-87A0-C90A6131091B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E8D2AC7-DC75-4BBA-BF4E-58BF88B49B11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED233BC3-6982-41E1-9205-5159C17A4A56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C186F38-89C7-4616-A424-201804F842C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m620:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB2D3A4D-0C03-402F-BB8A-2DE5AE14FDA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFB1F23E-99C5-4FBC-9E9C-8AD8A05AE8C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05069DB9-7DD0-4FF1-8D98-8DC3A0B2AF77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p2200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02BC9134-0188-4F79-BAB6-77409617D752",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC64DC02-91A7-4E10-9023-6932A4A14D77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p3200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C91BB45E-C2BF-4B48-892B-82EF5710AA7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E7CC54F-15FE-4ED8-AA5D-900AAFFAEEC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FBB9DDD-963E-4B10-B0BC-99588C82969F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CECB5A97-0088-4ACD-9A9C-964D4C3DE699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E57FD81-AC93-49BE-B0E1-FB5699CE7A52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCDC421C-3B8F-4EAA-A2D4-14C14CD7F3DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p520:-:*:*:*:*:*:*:*",
"matchCriteriaId": "453E0F78-7B35-42B2-B5FA-43ACE9F7602A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p5200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "004D6C59-E6C9-4E0E-BBA8-8E3AD0F0BC1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC5FA1F3-5D7E-4085-B5D3-D86CF5A6E412",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60176B23-2751-4415-A0D3-DF1BE640F6C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p620:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F9219FD-849D-4A0A-97F0-85492B4B2189",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:shield_tv:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49F85C44-6B7E-4B7C-AC8D-9D5727DFA0B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:shield_tv_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76300BC2-B496-4B4D-979B-6C56F590449A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_m10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "343850DA-E975-467A-99A2-852E24135DD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C459A6-EE1D-482F-BC23-866836870512",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_m40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A6DDBF7C-C346-4515-AD0D-922E7E2F09E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_m6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E92C2C2-1CF7-4531-B431-D67BF6049635",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_m60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44B63168-6671-4D31-A984-B0A0F71CB799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_p100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6299665D-182A-4F2C-B451-1103B943CAE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_p4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDCAD45A-986C-42AE-80F6-728E9427187C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_p40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4D9D634-1F0C-49A7-B680-24423CA6468E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_p6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "656DD5D8-A9DC-4A18-A444-C1D73580C6E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_v100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2CC382C-4F8D-471B-B525-DE28D60E14EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_v100s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5E8719D-831E-4703-9989-A33782F4FFBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:titan_v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8751F9FE-920A-4438-B0E3-F6F493B1B72C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FABA79A-A70A-40A5-ADA7-893EAB42FE9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:titan_xp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0C9A97E1-2F0F-495D-97E8-0538AAC066EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to corrupt program data."
},
{
"lang": "es",
"value": "La GPU NVIDIA y el hardware Tegra contienen una vulnerabilidad en el microcontrolador interno que puede permitir a un usuario con altos privilegios corromper los datos del programa"
}
],
"id": "CVE-2021-1125",
"lastModified": "2024-11-21T05:43:38.677",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:C/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.5,
"impactScore": 3.6,
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-11-20T15:15:07.790",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-11-20 15:15
Modified
2024-11-21 06:10
Severity ?
4.1 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to gain access to information from unscrubbed memory, which may lead to information disclosure.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:dgx-1_p100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47EAF1F2-41D7-4F6F-A6F4-CDC36F544204",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:dgx-1_v100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBFD6294-13E6-4615-8BB0-7863CC5E62B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:dgx-2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2578180E-CD9E-4D45-B092-CEFDC3653878",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:dgx_station_a100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "96A05233-855C-4099-BF73-0D04F8F58A44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:drive_constellation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36517415-0642-4DF2-9CAF-CC73DFD301D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_605:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A6FE1DB-4930-46B5-868D-4445EF312A33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B600A94B-877D-42BA-B4F7-360198F3ECF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_620:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36438CBB-37FB-455B-AE50-D68726E092BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_625:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC98A0F7-89B0-4BE0-A6EE-58EA39781E53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_630:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B8C2CAC-B37E-47AD-AF02-C6BF5952DF87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_635:-:*:*:*:*:*:*:*",
"matchCriteriaId": "635D27CF-65F3-4166-867E-7FD25EEE5303",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_640:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95DB79D1-C580-4A62-B177-7E47737147F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_705:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0225FE8D-16A7-4400-94F2-CE857D2255C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B72BBAC-CEBD-4405-B1EC-7535794FF5EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_720:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC9048C-F848-48AD-BD5D-59D36E684949",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2C9365F-B4A5-4EA2-917B-2F07457017EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_740:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21FE9995-2F38-4257-9FE1-2495D05D1993",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D835EE77-6031-40D6-8305-F962F42E7018",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1050_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49C8D547-A817-4A62-9045-789843998A18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0ED6F8E-1F82-4C50-9EEF-A5F58DB440AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E884CEDD-CAA5-489D-A526-B628BB3DE460",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1070_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73F427BC-F15D-443D-B7F8-B0BB0C52C427",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E3455DE-4408-4603-86B2-5ECE76ED459C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1080_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57CA2FAC-9170-4E68-B6A6-E2CD9CCF0600",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E8B18CF-58CF-48C8-A4AE-F6922E215E5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1650_super:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD84C049-7F87-4C92-9FCB-7BD7382E25E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1660:-:*:*:*:*:*:*:*",
"matchCriteriaId": "573887F7-E422-48AA-8205-56166D81536C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1660_super:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA37A3BB-35DF-4863-9A95-29B631587DB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1660_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3913E75-6B38-498F-9C6A-A4A8B752D5BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_645:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C519FF2F-0AE9-4290-8115-F60EB9B830C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D0E7C6F-C42F-40E1-9DF1-2ED17938DCC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_650_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A978D1E-BD96-4534-83FE-434F0157AB54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_650_ti_boost:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FCD9648-DA33-4F4F-9AC7-7FB826205729",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_660:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89B38FD5-B548-4BF7-8E35-37701320569C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_660_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AD0960F-EBEF-4876-8DC6-7B42B799105F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4A4F5E65-0E6F-47FD-8E5B-D00D5F82D467",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_680:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07F9F2F5-AE1B-4BE5-8D6B-D16967A208F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_690:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8416729C-0339-4B1C-99AC-C132D45744C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_745:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E733A3A-347E-4147-89AE-9EEC9B4DB787",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDC42D37-5DDE-4545-A4B9-7701749C0982",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_750_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F2F1B32-CFEE-4417-843D-880302E4D6FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_760:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5176FD7-C3F6-4642-831C-1FE33D3E3B35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_760_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F61534DC-EA6D-42E8-9AE5-AE6420906318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_770:-:*:*:*:*:*:*:*",
"matchCriteriaId": "530C2C04-A37D-442C-BB0E-BEA01864D73C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_780:-:*:*:*:*:*:*:*",
"matchCriteriaId": "22A5378C-2395-4D23-BD06-0995C5637857",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_780_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D651C50E-63D1-4FC6-8EEA-095E17A1342A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_950:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52379F40-A0B8-404F-8187-26D085F3568A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_960:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29D0D308-1A59-4D8C-930C-2B480E718FB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_970:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B957ED4F-2A0E-4E6E-AF06-CC09722A4008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_980:-:*:*:*:*:*:*:*",
"matchCriteriaId": "280BE7CC-3E8C-4630-BDA3-CFC409C2E5A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_titan_x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A7ED258-77DC-45FA-B6AE-B9310049ECDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_rtx_2060:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5743279-2E97-4D92-A43B-732B9AE0979C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_rtx_2060_super:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A54F1D17-30C3-4912-858B-B656AE636C58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_rtx_2070:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9472E1FC-B22D-437B-A62E-9476A903F2BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_rtx_2070_super:-:*:*:*:*:*:*:*",
"matchCriteriaId": "483E83C0-FD09-4473-8036-A2E1C362A2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_rtx_2080:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88DEB01F-0C63-4EA1-878A-2DC9701DAA41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_rtx_2080_super:-:*:*:*:*:*:*:*",
"matchCriteriaId": "633AB383-A5D6-4F0F-A973-FE777117A856",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_rtx_2080_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0BF0DE98-5862-4738-A8D5-06C9599B5317",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:gtx_titan:-:*:*:*:*:*:*:*",
"matchCriteriaId": "114895F2-AE45-4A46-BCFF-FD7C2573D88B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:gtx_titan_black:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4A83155-9EA1-4F67-803F-3F8F692C6729",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:gtx_titan_z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FED1874A-9E4B-4725-A130-6CA872D491CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0E081CB-B6EC-42DC-BA04-BCA13C17D190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F92D471-8E65-41FC-A5DE-255136F6F989",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E29459F7-997A-4B87-9164-6E3B5158ADC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_nano:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B2B041F-21A8-4F0B-BBAF-7CDD8B911547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_nano:-:*:-:*:*:*:*:*",
"matchCriteriaId": "9244F123-8518-4D81-AD26-5695F27F413B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_nano:-:*:developer_kit:*:*:*:*:*",
"matchCriteriaId": "80BF53A0-8FDF-4827-9C00-ED082C4A68C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86D1FDAD-C594-43D9-9BF6-F7461177AB91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71994F94-5279-4107-99F5-48990AE0C686",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64C3FB58-08AA-4FE4-97BE-21B254BA229F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DF55ABB-1B4F-452E-9D84-C01A638F88A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0AA5976-FD71-4A53-BD4F-D342E871FEB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:developer_kit:*:*:*:*:*",
"matchCriteriaId": "3E54B955-F0E2-44BD-9B8C-3C788BBCF2A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:production:*:*:*:*:*",
"matchCriteriaId": "3E0C93C3-26F6-48E4-BADA-4DB05A7BA9D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:nvidia_hgx-2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D697CF9-CBAE-4E29-AA3C-50FEDEB4F20E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:nvidia_t1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "284CDDF2-12D5-4A35-9A1F-496E9112F798",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:nvidia_t2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98CD730F-BBB7-4EE0-93B5-88555B9494B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:nvidia_t4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1292795D-A6ED-40D6-BE2D-D396909C5D59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:nvidia_t400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80AA0372-BA25-4C5E-B464-13AB660D1D98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:nvidia_t600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6A7C069-DE2C-4390-8B2C-8A3175D692F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_gv100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A30CCD00-60D7-42B5-B88C-AF2BD81B796F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3896B47E-8787-45D2-96B3-BF4892780F35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1E9293F-C51A-40B0-9461-83A31366C8C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "316C9573-7C7D-4429-8563-B74FD752AC51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FEC13EF-BB2F-4ED2-BC8B-8234ABAEEE02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m2200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E607C924-1682-4348-B6BF-31912E3A3D13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5E13B65-F61B-44D4-B1D7-1E96D9CB45BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76ABA317-6621-4D57-874F-307451EC9C2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "477D72B5-A3EA-440A-B495-8A09E8564E8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B507EE-F005-4806-A8FC-8C8D9A31B0DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAD67DC6-AA36-4F93-B8DB-77EB8C153BCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E707A80B-6482-47DD-8BF3-6E58BC2C697A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m520:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F5E94B4-0DF1-4F79-87A0-C90A6131091B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E8D2AC7-DC75-4BBA-BF4E-58BF88B49B11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED233BC3-6982-41E1-9205-5159C17A4A56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C186F38-89C7-4616-A424-201804F842C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m620:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB2D3A4D-0C03-402F-BB8A-2DE5AE14FDA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFB1F23E-99C5-4FBC-9E9C-8AD8A05AE8C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05069DB9-7DD0-4FF1-8D98-8DC3A0B2AF77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p2200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02BC9134-0188-4F79-BAB6-77409617D752",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC64DC02-91A7-4E10-9023-6932A4A14D77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p3200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C91BB45E-C2BF-4B48-892B-82EF5710AA7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E7CC54F-15FE-4ED8-AA5D-900AAFFAEEC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FBB9DDD-963E-4B10-B0BC-99588C82969F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CECB5A97-0088-4ACD-9A9C-964D4C3DE699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E57FD81-AC93-49BE-B0E1-FB5699CE7A52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCDC421C-3B8F-4EAA-A2D4-14C14CD7F3DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p520:-:*:*:*:*:*:*:*",
"matchCriteriaId": "453E0F78-7B35-42B2-B5FA-43ACE9F7602A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p5200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "004D6C59-E6C9-4E0E-BBA8-8E3AD0F0BC1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC5FA1F3-5D7E-4085-B5D3-D86CF5A6E412",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60176B23-2751-4415-A0D3-DF1BE640F6C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p620:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F9219FD-849D-4A0A-97F0-85492B4B2189",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_rtx_3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F4AB1BC-2B82-4C12-96B0-B269462032B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_rtx_4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "323643CB-D03C-47D1-9FAF-0A5C0777DF61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_rtx_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A5175F77-1E61-4296-AFDD-F00D1C0B5560",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_rtx_6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F06F4994-5EDF-4652-B673-4F90907994DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_rtx_8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66216B9A-F79D-4681-BBC4-6F5D80A3E5EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_t1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33D439F5-86EC-47FC-826A-229C028EB149",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_t2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD476101-4981-46F9-9898-717701C0CAE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_t400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85351FD4-28CD-4392-B154-90E4DE270F7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_t600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "109B8099-C1AD-4695-877A-13B4301FEBB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:shield_tv:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49F85C44-6B7E-4B7C-AC8D-9D5727DFA0B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:shield_tv_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76300BC2-B496-4B4D-979B-6C56F590449A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_m10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "343850DA-E975-467A-99A2-852E24135DD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C459A6-EE1D-482F-BC23-866836870512",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_m40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A6DDBF7C-C346-4515-AD0D-922E7E2F09E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_m6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E92C2C2-1CF7-4531-B431-D67BF6049635",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_m60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44B63168-6671-4D31-A984-B0A0F71CB799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_p100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6299665D-182A-4F2C-B451-1103B943CAE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_p4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDCAD45A-986C-42AE-80F6-728E9427187C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_p40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4D9D634-1F0C-49A7-B680-24423CA6468E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_p6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "656DD5D8-A9DC-4A18-A444-C1D73580C6E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_v100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2CC382C-4F8D-471B-B525-DE28D60E14EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_v100s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5E8719D-831E-4703-9989-A33782F4FFBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:titan_rtx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C494A0AF-5DBF-47BE-8156-3CB876BAE779",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:titan_v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8751F9FE-920A-4438-B0E3-F6F493B1B72C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FABA79A-A70A-40A5-ADA7-893EAB42FE9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:titan_xp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0C9A97E1-2F0F-495D-97E8-0538AAC066EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to gain access to information from unscrubbed memory, which may lead to information disclosure."
},
{
"lang": "es",
"value": "La GPU NVIDIA y el hardware Tegra contienen una vulnerabilidad en el microcontrolador interno que puede permitir a un usuario con altos privilegios acceder a informaci\u00f3n de la memoria no depurada, que puede conllevar a una divulgaci\u00f3n de informaci\u00f3n"
}
],
"id": "CVE-2021-34400",
"lastModified": "2024-11-21T06:10:19.293",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.5,
"impactScore": 3.6,
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-11-20T15:15:08.033",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-11-20 15:15
Modified
2024-11-21 05:51
Severity ?
4.1 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
4.1 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
4.1 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller, which may allow a user with elevated privileges to access protected information by identifying, exploiting, and loading vulnerable microcode. Such an attack may lead to information disclosure.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:dgx-1_p100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47EAF1F2-41D7-4F6F-A6F4-CDC36F544204",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:dgx-1_v100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBFD6294-13E6-4615-8BB0-7863CC5E62B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:dgx-2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2578180E-CD9E-4D45-B092-CEFDC3653878",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:dgx_station_a100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "96A05233-855C-4099-BF73-0D04F8F58A44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:drive_constellation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36517415-0642-4DF2-9CAF-CC73DFD301D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_605:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A6FE1DB-4930-46B5-868D-4445EF312A33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B600A94B-877D-42BA-B4F7-360198F3ECF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_620:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36438CBB-37FB-455B-AE50-D68726E092BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_625:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC98A0F7-89B0-4BE0-A6EE-58EA39781E53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_630:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B8C2CAC-B37E-47AD-AF02-C6BF5952DF87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_635:-:*:*:*:*:*:*:*",
"matchCriteriaId": "635D27CF-65F3-4166-867E-7FD25EEE5303",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_640:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95DB79D1-C580-4A62-B177-7E47737147F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_705:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0225FE8D-16A7-4400-94F2-CE857D2255C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B72BBAC-CEBD-4405-B1EC-7535794FF5EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_720:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC9048C-F848-48AD-BD5D-59D36E684949",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2C9365F-B4A5-4EA2-917B-2F07457017EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_740:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21FE9995-2F38-4257-9FE1-2495D05D1993",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D835EE77-6031-40D6-8305-F962F42E7018",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1050_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49C8D547-A817-4A62-9045-789843998A18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0ED6F8E-1F82-4C50-9EEF-A5F58DB440AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E884CEDD-CAA5-489D-A526-B628BB3DE460",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1070_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73F427BC-F15D-443D-B7F8-B0BB0C52C427",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E3455DE-4408-4603-86B2-5ECE76ED459C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1080_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57CA2FAC-9170-4E68-B6A6-E2CD9CCF0600",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E8B18CF-58CF-48C8-A4AE-F6922E215E5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1650_super:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD84C049-7F87-4C92-9FCB-7BD7382E25E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1660:-:*:*:*:*:*:*:*",
"matchCriteriaId": "573887F7-E422-48AA-8205-56166D81536C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1660_super:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA37A3BB-35DF-4863-9A95-29B631587DB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1660_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3913E75-6B38-498F-9C6A-A4A8B752D5BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_645:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C519FF2F-0AE9-4290-8115-F60EB9B830C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D0E7C6F-C42F-40E1-9DF1-2ED17938DCC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_650_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A978D1E-BD96-4534-83FE-434F0157AB54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_650_ti_boost:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FCD9648-DA33-4F4F-9AC7-7FB826205729",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_660:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89B38FD5-B548-4BF7-8E35-37701320569C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_660_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AD0960F-EBEF-4876-8DC6-7B42B799105F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4A4F5E65-0E6F-47FD-8E5B-D00D5F82D467",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_680:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07F9F2F5-AE1B-4BE5-8D6B-D16967A208F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_690:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8416729C-0339-4B1C-99AC-C132D45744C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_745:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E733A3A-347E-4147-89AE-9EEC9B4DB787",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDC42D37-5DDE-4545-A4B9-7701749C0982",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_750_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F2F1B32-CFEE-4417-843D-880302E4D6FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_760:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5176FD7-C3F6-4642-831C-1FE33D3E3B35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_760_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F61534DC-EA6D-42E8-9AE5-AE6420906318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_770:-:*:*:*:*:*:*:*",
"matchCriteriaId": "530C2C04-A37D-442C-BB0E-BEA01864D73C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_780:-:*:*:*:*:*:*:*",
"matchCriteriaId": "22A5378C-2395-4D23-BD06-0995C5637857",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_780_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D651C50E-63D1-4FC6-8EEA-095E17A1342A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_950:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52379F40-A0B8-404F-8187-26D085F3568A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_960:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29D0D308-1A59-4D8C-930C-2B480E718FB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_970:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B957ED4F-2A0E-4E6E-AF06-CC09722A4008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_980:-:*:*:*:*:*:*:*",
"matchCriteriaId": "280BE7CC-3E8C-4630-BDA3-CFC409C2E5A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_titan_x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A7ED258-77DC-45FA-B6AE-B9310049ECDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_rtx_2060:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5743279-2E97-4D92-A43B-732B9AE0979C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_rtx_2060_super:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A54F1D17-30C3-4912-858B-B656AE636C58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_rtx_2070:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9472E1FC-B22D-437B-A62E-9476A903F2BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_rtx_2070_super:-:*:*:*:*:*:*:*",
"matchCriteriaId": "483E83C0-FD09-4473-8036-A2E1C362A2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_rtx_2080:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88DEB01F-0C63-4EA1-878A-2DC9701DAA41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_rtx_2080_super:-:*:*:*:*:*:*:*",
"matchCriteriaId": "633AB383-A5D6-4F0F-A973-FE777117A856",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_rtx_2080_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0BF0DE98-5862-4738-A8D5-06C9599B5317",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:gtx_titan:-:*:*:*:*:*:*:*",
"matchCriteriaId": "114895F2-AE45-4A46-BCFF-FD7C2573D88B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:gtx_titan_black:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4A83155-9EA1-4F67-803F-3F8F692C6729",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:gtx_titan_z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FED1874A-9E4B-4725-A130-6CA872D491CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0E081CB-B6EC-42DC-BA04-BCA13C17D190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F92D471-8E65-41FC-A5DE-255136F6F989",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E29459F7-997A-4B87-9164-6E3B5158ADC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_nano:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B2B041F-21A8-4F0B-BBAF-7CDD8B911547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_nano:-:*:-:*:*:*:*:*",
"matchCriteriaId": "9244F123-8518-4D81-AD26-5695F27F413B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_nano:-:*:developer_kit:*:*:*:*:*",
"matchCriteriaId": "80BF53A0-8FDF-4827-9C00-ED082C4A68C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86D1FDAD-C594-43D9-9BF6-F7461177AB91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71994F94-5279-4107-99F5-48990AE0C686",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64C3FB58-08AA-4FE4-97BE-21B254BA229F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DF55ABB-1B4F-452E-9D84-C01A638F88A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0AA5976-FD71-4A53-BD4F-D342E871FEB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:developer_kit:*:*:*:*:*",
"matchCriteriaId": "3E54B955-F0E2-44BD-9B8C-3C788BBCF2A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:production:*:*:*:*:*",
"matchCriteriaId": "3E0C93C3-26F6-48E4-BADA-4DB05A7BA9D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:nvidia_hgx-2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D697CF9-CBAE-4E29-AA3C-50FEDEB4F20E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:nvidia_t1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "284CDDF2-12D5-4A35-9A1F-496E9112F798",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:nvidia_t2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98CD730F-BBB7-4EE0-93B5-88555B9494B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:nvidia_t4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1292795D-A6ED-40D6-BE2D-D396909C5D59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:nvidia_t400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80AA0372-BA25-4C5E-B464-13AB660D1D98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:nvidia_t600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6A7C069-DE2C-4390-8B2C-8A3175D692F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_gv100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A30CCD00-60D7-42B5-B88C-AF2BD81B796F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3896B47E-8787-45D2-96B3-BF4892780F35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1E9293F-C51A-40B0-9461-83A31366C8C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "316C9573-7C7D-4429-8563-B74FD752AC51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FEC13EF-BB2F-4ED2-BC8B-8234ABAEEE02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m2200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E607C924-1682-4348-B6BF-31912E3A3D13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5E13B65-F61B-44D4-B1D7-1E96D9CB45BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76ABA317-6621-4D57-874F-307451EC9C2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "477D72B5-A3EA-440A-B495-8A09E8564E8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B507EE-F005-4806-A8FC-8C8D9A31B0DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAD67DC6-AA36-4F93-B8DB-77EB8C153BCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E707A80B-6482-47DD-8BF3-6E58BC2C697A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m520:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F5E94B4-0DF1-4F79-87A0-C90A6131091B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E8D2AC7-DC75-4BBA-BF4E-58BF88B49B11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED233BC3-6982-41E1-9205-5159C17A4A56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C186F38-89C7-4616-A424-201804F842C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m620:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB2D3A4D-0C03-402F-BB8A-2DE5AE14FDA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFB1F23E-99C5-4FBC-9E9C-8AD8A05AE8C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05069DB9-7DD0-4FF1-8D98-8DC3A0B2AF77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p2200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02BC9134-0188-4F79-BAB6-77409617D752",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC64DC02-91A7-4E10-9023-6932A4A14D77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p3200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C91BB45E-C2BF-4B48-892B-82EF5710AA7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E7CC54F-15FE-4ED8-AA5D-900AAFFAEEC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FBB9DDD-963E-4B10-B0BC-99588C82969F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CECB5A97-0088-4ACD-9A9C-964D4C3DE699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E57FD81-AC93-49BE-B0E1-FB5699CE7A52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCDC421C-3B8F-4EAA-A2D4-14C14CD7F3DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p520:-:*:*:*:*:*:*:*",
"matchCriteriaId": "453E0F78-7B35-42B2-B5FA-43ACE9F7602A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p5200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "004D6C59-E6C9-4E0E-BBA8-8E3AD0F0BC1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC5FA1F3-5D7E-4085-B5D3-D86CF5A6E412",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60176B23-2751-4415-A0D3-DF1BE640F6C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p620:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F9219FD-849D-4A0A-97F0-85492B4B2189",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_rtx_3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F4AB1BC-2B82-4C12-96B0-B269462032B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_rtx_4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "323643CB-D03C-47D1-9FAF-0A5C0777DF61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_rtx_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A5175F77-1E61-4296-AFDD-F00D1C0B5560",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_rtx_6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F06F4994-5EDF-4652-B673-4F90907994DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_rtx_8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66216B9A-F79D-4681-BBC4-6F5D80A3E5EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_t1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33D439F5-86EC-47FC-826A-229C028EB149",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_t2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD476101-4981-46F9-9898-717701C0CAE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_t400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85351FD4-28CD-4392-B154-90E4DE270F7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_t600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "109B8099-C1AD-4695-877A-13B4301FEBB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:shield_tv:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49F85C44-6B7E-4B7C-AC8D-9D5727DFA0B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:shield_tv_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76300BC2-B496-4B4D-979B-6C56F590449A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_m10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "343850DA-E975-467A-99A2-852E24135DD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C459A6-EE1D-482F-BC23-866836870512",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_m40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A6DDBF7C-C346-4515-AD0D-922E7E2F09E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_m6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E92C2C2-1CF7-4531-B431-D67BF6049635",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_m60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44B63168-6671-4D31-A984-B0A0F71CB799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_p100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6299665D-182A-4F2C-B451-1103B943CAE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_p4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDCAD45A-986C-42AE-80F6-728E9427187C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_p40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4D9D634-1F0C-49A7-B680-24423CA6468E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_p6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "656DD5D8-A9DC-4A18-A444-C1D73580C6E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_v100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2CC382C-4F8D-471B-B525-DE28D60E14EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_v100s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5E8719D-831E-4703-9989-A33782F4FFBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:titan_rtx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C494A0AF-5DBF-47BE-8156-3CB876BAE779",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:titan_v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8751F9FE-920A-4438-B0E3-F6F493B1B72C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FABA79A-A70A-40A5-ADA7-893EAB42FE9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:titan_xp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0C9A97E1-2F0F-495D-97E8-0538AAC066EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller, which may allow a user with elevated privileges to access protected information by identifying, exploiting, and loading vulnerable microcode. Such an attack may lead to information disclosure."
},
{
"lang": "es",
"value": "La GPU NVIDIA y el hardware Tegra contienen una vulnerabilidad en el microcontrolador interno que puede permitir a un usuario con privilegios elevados acceder a informaci\u00f3n protegida identificando, explotando y cargando microc\u00f3digo vulnerable. Un ataque de este tipo puede conducir a la divulgaci\u00f3n de informaci\u00f3n"
}
],
"id": "CVE-2021-23219",
"lastModified": "2024-11-21T05:51:23.760",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.5,
"impactScore": 3.6,
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.5,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-11-20T15:15:07.933",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-22 22:15
Modified
2024-11-21 06:10
Severity ?
3.0 (Low) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:L
2.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
2.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
Summary
Bootloader contains a vulnerability in access permission settings where unauthorized software may be able to overwrite NVIDIA MB2 code, which would result in limited denial of service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_linux | * | |
| nvidia | jetson_tx2 | - | |
| nvidia | jetson_tx2_4gb | - | |
| nvidia | jetson_tx2_nx | - | |
| nvidia | jetson_tx2i | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8941F71-0292-414E-AEA5-DD55EA3C2009",
"versionEndExcluding": "32.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71994F94-5279-4107-99F5-48990AE0C686",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64C3FB58-08AA-4FE4-97BE-21B254BA229F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DF55ABB-1B4F-452E-9D84-C01A638F88A0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Bootloader contains a vulnerability in access permission settings where unauthorized software may be able to overwrite NVIDIA MB2 code, which would result in limited denial of service."
},
{
"lang": "es",
"value": "El cargador de arranque contiene una vulnerabilidad en la configuraci\u00f3n de los permisos de acceso donde el software no autorizado podr\u00eda sobrescribir el c\u00f3digo NVIDIA MB2, lo que podr\u00eda resultar en una denegaci\u00f3n de servicio limitada"
}
],
"id": "CVE-2021-34396",
"lastModified": "2024-11-21T06:10:18.710",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.0,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 0.5,
"impactScore": 2.5,
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 2.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-22T22:15:09.400",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-22 22:15
Modified
2024-11-21 06:10
Severity ?
4.2 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
Trusty contains a vulnerability in TSEC TA which deserializes the incoming messages even though the TSEC TA does not expose any command. This vulnerability might allow an attacker to exploit the deserializer to impact code execution, causing information disclosure.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_linux | * | |
| nvidia | jetson_agx_xavier_16gb | - | |
| nvidia | jetson_agx_xavier_32gb | - | |
| nvidia | jetson_agx_xavier_8gb | - | |
| nvidia | jetson_tx1 | - | |
| nvidia | jetson_tx2 | - | |
| nvidia | jetson_tx2_4gb | - | |
| nvidia | jetson_tx2_nx | - | |
| nvidia | jetson_tx2i | - | |
| nvidia | jetson_xavier_nx | - | |
| nvidia | jetson_xavier_nx | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8941F71-0292-414E-AEA5-DD55EA3C2009",
"versionEndExcluding": "32.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0E081CB-B6EC-42DC-BA04-BCA13C17D190",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F92D471-8E65-41FC-A5DE-255136F6F989",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E29459F7-997A-4B87-9164-6E3B5158ADC3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86D1FDAD-C594-43D9-9BF6-F7461177AB91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71994F94-5279-4107-99F5-48990AE0C686",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64C3FB58-08AA-4FE4-97BE-21B254BA229F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DF55ABB-1B4F-452E-9D84-C01A638F88A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:developer_kit:*:*:*:*:*",
"matchCriteriaId": "3E54B955-F0E2-44BD-9B8C-3C788BBCF2A9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:production:*:*:*:*:*",
"matchCriteriaId": "3E0C93C3-26F6-48E4-BADA-4DB05A7BA9D1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Trusty contains a vulnerability in TSEC TA which deserializes the incoming messages even though the TSEC TA does not expose any command. This vulnerability might allow an attacker to exploit the deserializer to impact code execution, causing information disclosure."
},
{
"lang": "es",
"value": "Trusty contiene una vulnerabilidad en TSEC TA que deserializa los mensajes entrantes incluso aunque el TSEC TA no exponga ning\u00fan comando. Esta vulnerabilidad podr\u00eda permitir a un atacante explotar el deserializador para impactar en la ejecuci\u00f3n de c\u00f3digo, causando divulgaci\u00f3n de informaci\u00f3n"
}
],
"id": "CVE-2021-34393",
"lastModified": "2024-11-21T06:10:18.307",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.6,
"impactScore": 3.6,
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-22T22:15:09.210",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-502"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-06-23 18:15
Modified
2024-11-21 07:49
Severity ?
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
NVIDIA Jetson Linux Driver Package contains a vulnerability in nvbootctrl, where a privileged local attacker can configure invalid settings, resulting in denial of service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_linux | * | |
| nvidia | jetson_agx_xavier | - | |
| nvidia | jetson_tx2 | - | |
| nvidia | jetson_tx2_nx | - | |
| nvidia | jetson_xavier_nx | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F98866A-11A7-4529-B67F-106637A95767",
"versionEndExcluding": "32.7.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DD3D2AA-2A9F-470D-BB0F-A7B7C2EC2490",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64C3FB58-08AA-4FE4-97BE-21B254BA229F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0AA5976-FD71-4A53-BD4F-D342E871FEB0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "\nNVIDIA Jetson Linux Driver Package contains a vulnerability in nvbootctrl, where a privileged local attacker can configure invalid settings, resulting in denial of service.\n\n"
}
],
"id": "CVE-2023-25520",
"lastModified": "2024-11-21T07:49:39.520",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-06-23T18:15:11.033",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5466"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5466"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-11 22:15
Modified
2024-11-21 05:43
Severity ?
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Summary
NVIDIA Linux kernel distributions contain a vulnerability in the kernel crypto node, where use after free may lead to complete denial of service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_linux | * | |
| nvidia | jetson_agx_xavier | - | |
| nvidia | jetson_tx2 | - | |
| nvidia | jetson_tx2_nx | - | |
| nvidia | jetson_xavier_nx | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9E69A431-2B5A-4718-BCD2-CA2D1077641B",
"versionEndExcluding": "32.6.1",
"versionStartIncluding": "32.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DD3D2AA-2A9F-470D-BB0F-A7B7C2EC2490",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64C3FB58-08AA-4FE4-97BE-21B254BA229F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0AA5976-FD71-4A53-BD4F-D342E871FEB0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA Linux kernel distributions contain a vulnerability in the kernel crypto node, where use after free may lead to complete denial of service."
},
{
"lang": "es",
"value": "Las distribuciones del kernel de Linux de NVIDIA contienen una vulnerabilidad en el nodo criptogr\u00e1fico del kernel, donde un uso de memoria previamente liberada puede conllevar a una denegaci\u00f3n de servicio completa"
}
],
"id": "CVE-2021-1114",
"lastModified": "2024-11-21T05:43:37.500",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-11T22:15:08.537",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-27 18:15
Modified
2024-11-21 06:56
Severity ?
4.6 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L
4.6 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L
4.6 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L
Summary
NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot blob_decompress function, where insufficient validation of untrusted data may allow a local attacker with elevated privileges to cause a memory buffer overflow, which may lead to code execution, limited loss of Integrity, and limited denial of service. The scope of impact can extend to other components.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_linux | * | |
| nvidia | jetson_agx_xavier | - | |
| nvidia | jetson_tx2 | - | |
| nvidia | jetson_tx2_nx | - | |
| nvidia | jetson_xavier_nx | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C65BE02-61B8-4A4D-84A8-52BCA6895C34",
"versionEndExcluding": "32.7.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DD3D2AA-2A9F-470D-BB0F-A7B7C2EC2490",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64C3FB58-08AA-4FE4-97BE-21B254BA229F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0AA5976-FD71-4A53-BD4F-D342E871FEB0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot blob_decompress function, where insufficient validation of untrusted data may allow a local attacker with elevated privileges to cause a memory buffer overflow, which may lead to code execution, limited loss of Integrity, and limited denial of service. The scope of impact can extend to other components."
},
{
"lang": "es",
"value": "El paquete de controladores de NVIDIA Jetson para Linux contiene una vulnerabilidad en la funci\u00f3n Cboot blob_decompress, en la que una validaci\u00f3n insuficiente de los datos que no son de confianza puede permitir a un atacante local con privilegios elevados provocar un desbordamiento del b\u00fafer de memoria, lo que puede conducir a la ejecuci\u00f3n de c\u00f3digo, una p\u00e9rdida limitada de integridad y una denegaci\u00f3n de servicio limitada. El alcance del impacto puede extenderse a otros componentes"
}
],
"id": "CVE-2022-28196",
"lastModified": "2024-11-21T06:56:55.917",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.6,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 1.5,
"impactScore": 2.7,
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 1.5,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-27T18:15:08.097",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5343"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5343"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-11 22:15
Modified
2024-11-21 05:43
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
NVIDIA Linux kernel distributions contain a vulnerability in nvmap NVMAP_IOC_WRITE* paths, where improper access controls may lead to code execution, complete denial of service, and seriously compromised integrity of all system components.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_linux | * | |
| nvidia | jetson_agx_xavier | - | |
| nvidia | jetson_nano | - | |
| nvidia | jetson_nano_2gb | - | |
| nvidia | jetson_tx1 | - | |
| nvidia | jetson_tx2 | - | |
| nvidia | jetson_tx2_nx | - | |
| nvidia | jetson_xavier_nx | - | |
| nvidia | shield_experience | * | |
| nvidia | shield_tv | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9E69A431-2B5A-4718-BCD2-CA2D1077641B",
"versionEndExcluding": "32.6.1",
"versionStartIncluding": "32.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DD3D2AA-2A9F-470D-BB0F-A7B7C2EC2490",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_nano:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B2B041F-21A8-4F0B-BBAF-7CDD8B911547",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_nano_2gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52E153CA-BE89-4C66-8B72-8901BF592423",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86D1FDAD-C594-43D9-9BF6-F7461177AB91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64C3FB58-08AA-4FE4-97BE-21B254BA229F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0AA5976-FD71-4A53-BD4F-D342E871FEB0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:shield_experience:*:*:*:*:*:*:*:*",
"matchCriteriaId": "71B40848-51B9-47D6-83D9-B45EDBA785DA",
"versionEndExcluding": "9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:shield_tv:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49F85C44-6B7E-4B7C-AC8D-9D5727DFA0B8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA Linux kernel distributions contain a vulnerability in nvmap NVMAP_IOC_WRITE* paths, where improper access controls may lead to code execution, complete denial of service, and seriously compromised integrity of all system components."
},
{
"lang": "es",
"value": "Las distribuciones del kernel de Linux de NVIDIA contienen una vulnerabilidad en las rutas nvmap NVMAP_IOC_WRITE*, donde unos controles de acceso inapropiados pueden conllevar a una ejecuci\u00f3n de c\u00f3digo, una denegaci\u00f3n de servicio completa y un grave compromiso de integridad de todos los componentes del sistema"
}
],
"id": "CVE-2021-1107",
"lastModified": "2024-11-21T05:43:36.680",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-11T22:15:08.063",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216"
},
{
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5259"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5259"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-30 11:15
Modified
2024-11-21 06:10
Severity ?
7.7 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 5 is missing. Improper restriction of operations within the bounds of a memory buffer might lead to denial of service, escalation of privileges, and information disclosure.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_linux | * | |
| nvidia | jetson_agx_xavier_16gb | - | |
| nvidia | jetson_agx_xavier_32gb | - | |
| nvidia | jetson_agx_xavier_8gb | - | |
| nvidia | jetson_tx2 | - | |
| nvidia | jetson_tx2_4gb | - | |
| nvidia | jetson_tx2_nx | - | |
| nvidia | jetson_tx2i | - | |
| nvidia | jetson_xavier_nx | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8941F71-0292-414E-AEA5-DD55EA3C2009",
"versionEndExcluding": "32.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0E081CB-B6EC-42DC-BA04-BCA13C17D190",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F92D471-8E65-41FC-A5DE-255136F6F989",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E29459F7-997A-4B87-9164-6E3B5158ADC3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71994F94-5279-4107-99F5-48990AE0C686",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64C3FB58-08AA-4FE4-97BE-21B254BA229F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DF55ABB-1B4F-452E-9D84-C01A638F88A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0AA5976-FD71-4A53-BD4F-D342E871FEB0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 5 is missing. Improper restriction of operations within the bounds of a memory buffer might lead to denial of service, escalation of privileges, and information disclosure."
},
{
"lang": "es",
"value": "Trusty contiene una vulnerabilidad en el servicio HDCP TA donde falta la comprobaci\u00f3n de l\u00edmites en el comando 5. La restricci\u00f3n inapropiada de las operaciones dentro de los l\u00edmites de un b\u00fafer de memoria podr\u00eda conllevar a una denegaci\u00f3n de servicio, una escalada de privilegios y la divulgaci\u00f3n de informaci\u00f3n"
}
],
"id": "CVE-2021-34376",
"lastModified": "2024-11-21T06:10:16.007",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.1,
"impactScore": 6.0,
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-30T11:15:08.390",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-30 11:15
Modified
2024-11-21 06:10
Severity ?
7.7 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 10 is missing. The length of an I/O buffer parameter is not checked, which might lead to memory corruption.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_linux | * | |
| nvidia | jetson_agx_xavier_16gb | - | |
| nvidia | jetson_agx_xavier_32gb | - | |
| nvidia | jetson_agx_xavier_8gb | - | |
| nvidia | jetson_tx2 | - | |
| nvidia | jetson_tx2_4gb | - | |
| nvidia | jetson_tx2_nx | - | |
| nvidia | jetson_tx2i | - | |
| nvidia | jetson_xavier_nx | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8941F71-0292-414E-AEA5-DD55EA3C2009",
"versionEndExcluding": "32.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0E081CB-B6EC-42DC-BA04-BCA13C17D190",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F92D471-8E65-41FC-A5DE-255136F6F989",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E29459F7-997A-4B87-9164-6E3B5158ADC3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71994F94-5279-4107-99F5-48990AE0C686",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64C3FB58-08AA-4FE4-97BE-21B254BA229F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DF55ABB-1B4F-452E-9D84-C01A638F88A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0AA5976-FD71-4A53-BD4F-D342E871FEB0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 10 is missing. The length of an I/O buffer parameter is not checked, which might lead to memory corruption."
},
{
"lang": "es",
"value": "Trusty contiene una vulnerabilidad en el servicio HDCP TA donde falta la comprobaci\u00f3n de l\u00edmites en el comando 10. La longitud de un par\u00e1metro del b\u00fafer I/O no es comprobada, lo que podr\u00eda conllevar a una corrupci\u00f3n de memoria"
}
],
"id": "CVE-2021-34379",
"lastModified": "2024-11-21T06:10:16.430",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.1,
"impactScore": 6.0,
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-30T11:15:08.560",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-30 11:15
Modified
2024-11-21 06:10
Severity ?
7.7 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 11 is missing. Improper restriction of operations within the bounds of a memory buffer might lead to information disclosure, denial of service, or escalation of privileges.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_linux | * | |
| nvidia | jetson_agx_xavier_16gb | - | |
| nvidia | jetson_agx_xavier_32gb | - | |
| nvidia | jetson_agx_xavier_8gb | - | |
| nvidia | jetson_tx2 | - | |
| nvidia | jetson_tx2_4gb | - | |
| nvidia | jetson_tx2_nx | - | |
| nvidia | jetson_tx2i | - | |
| nvidia | jetson_xavier_nx | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8941F71-0292-414E-AEA5-DD55EA3C2009",
"versionEndExcluding": "32.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0E081CB-B6EC-42DC-BA04-BCA13C17D190",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F92D471-8E65-41FC-A5DE-255136F6F989",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E29459F7-997A-4B87-9164-6E3B5158ADC3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71994F94-5279-4107-99F5-48990AE0C686",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64C3FB58-08AA-4FE4-97BE-21B254BA229F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DF55ABB-1B4F-452E-9D84-C01A638F88A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0AA5976-FD71-4A53-BD4F-D342E871FEB0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 11 is missing. Improper restriction of operations within the bounds of a memory buffer might lead to information disclosure, denial of service, or escalation of privileges."
},
{
"lang": "es",
"value": "Trusty contiene una vulnerabilidad en el servicio HDCP TA donde falta la comprobaci\u00f3n de l\u00edmites en el comando 11. La restricci\u00f3n inapropiada de las operaciones dentro de los l\u00edmites de un b\u00fafer de memoria podr\u00eda conllevar a una divulgaci\u00f3n de informaci\u00f3n, la denegaci\u00f3n de servicio o la escalada de privilegios"
}
],
"id": "CVE-2021-34378",
"lastModified": "2024-11-21T06:10:16.290",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.1,
"impactScore": 6.0,
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-30T11:15:08.503",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-08-08 17:15
Modified
2024-09-16 19:27
Severity ?
8.7 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L
8.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Summary
NVIDIA Jetson Linux contains a vulnerability in NvGPU where error handling paths in GPU MMU mapping code fail to clean up a failed mapping attempt. A successful exploit of this vulnerability may lead to denial of service, code execution, and escalation of privileges.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@nvidia.com | https://nvidia.custhelp.com/app/answers/detail/a_id/5555 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C62FF93F-21E6-41E4-A82C-07AC7DC7951E",
"versionEndExcluding": "32.7.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DD3D2AA-2A9F-470D-BB0F-A7B7C2EC2490",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0E081CB-B6EC-42DC-BA04-BCA13C17D190",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F92D471-8E65-41FC-A5DE-255136F6F989",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_64gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B51F666B-F3ED-4CF3-B48E-B39BDE1C2579",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E29459F7-997A-4B87-9164-6E3B5158ADC3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_industrial:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C7C6B22-EBD3-4465-9852-4A4844AA714A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_nano:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B2B041F-21A8-4F0B-BBAF-7CDD8B911547",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_nano:-:*:-:*:*:*:*:*",
"matchCriteriaId": "9244F123-8518-4D81-AD26-5695F27F413B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_nano:-:*:developer_kit:*:*:*:*:*",
"matchCriteriaId": "80BF53A0-8FDF-4827-9C00-ED082C4A68C7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_nano_2gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52E153CA-BE89-4C66-8B72-8901BF592423",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86D1FDAD-C594-43D9-9BF6-F7461177AB91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx1_l4t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F08A43AD-CA33-4EA7-9456-C7BDE622FD05",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71994F94-5279-4107-99F5-48990AE0C686",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64C3FB58-08AA-4FE4-97BE-21B254BA229F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DF55ABB-1B4F-452E-9D84-C01A638F88A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0AA5976-FD71-4A53-BD4F-D342E871FEB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:developer_kit:*:*:*:*:*",
"matchCriteriaId": "3E54B955-F0E2-44BD-9B8C-3C788BBCF2A9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:production:*:*:*:*:*",
"matchCriteriaId": "3E0C93C3-26F6-48E4-BADA-4DB05A7BA9D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx_16gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A36028A3-EE83-4158-9039-5C6C795FA048",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA Jetson Linux contains a vulnerability in NvGPU where error handling paths in GPU MMU mapping code fail to clean up a failed mapping attempt. A successful exploit of this vulnerability may lead to denial of service, code execution, and escalation of privileges."
},
{
"lang": "es",
"value": "NVIDIA Jetson Linux contiene una vulnerabilidad en NvGPU donde las rutas de manejo de errores en el c\u00f3digo de mapeo de GPU MMU no logran limpiar un intento fallido de mapeo. Una explotaci\u00f3n exitosa de esta vulnerabilidad puede provocar denegaci\u00f3n de servicio, ejecuci\u00f3n de c\u00f3digo y escalada de privilegios."
}
],
"id": "CVE-2024-0108",
"lastModified": "2024-09-16T19:27:19.833",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.0,
"impactScore": 6.0,
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.0,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-08-08T17:15:18.473",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5555"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-755"
}
],
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-755"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-30 11:15
Modified
2024-11-21 06:10
Severity ?
7.7 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Trusty contains a vulnerability in all trusted applications (TAs) where the stack cookie was not randomized, which might result in stack-based buffer overflow, leading to denial of service, escalation of privileges, and information disclosure.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_linux | * | |
| nvidia | jetson_agx_xavier_16gb | - | |
| nvidia | jetson_agx_xavier_32gb | - | |
| nvidia | jetson_agx_xavier_8gb | - | |
| nvidia | jetson_tx2 | - | |
| nvidia | jetson_tx2_4gb | - | |
| nvidia | jetson_tx2_nx | - | |
| nvidia | jetson_tx2i | - | |
| nvidia | jetson_xavier_nx | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8941F71-0292-414E-AEA5-DD55EA3C2009",
"versionEndExcluding": "32.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0E081CB-B6EC-42DC-BA04-BCA13C17D190",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F92D471-8E65-41FC-A5DE-255136F6F989",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E29459F7-997A-4B87-9164-6E3B5158ADC3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71994F94-5279-4107-99F5-48990AE0C686",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64C3FB58-08AA-4FE4-97BE-21B254BA229F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DF55ABB-1B4F-452E-9D84-C01A638F88A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0AA5976-FD71-4A53-BD4F-D342E871FEB0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Trusty contains a vulnerability in all trusted applications (TAs) where the stack cookie was not randomized, which might result in stack-based buffer overflow, leading to denial of service, escalation of privileges, and information disclosure."
},
{
"lang": "es",
"value": "Trusty contiene una vulnerabilidad en todas las aplicaciones confiables (TAs) donde la cookie de la pila no fue aleatoria, lo que podr\u00eda resultar en un desbordamiento del b\u00fafer en la regi\u00f3n stack de la memoria, conllevando a una denegaci\u00f3n de servicio, escalada de privilegios y divulgaci\u00f3n de informaci\u00f3n"
}
],
"id": "CVE-2021-34375",
"lastModified": "2024-11-21T06:10:15.873",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.1,
"impactScore": 6.0,
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-30T11:15:08.333",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-11 22:15
Modified
2024-11-21 05:43
Severity ?
7.2 (High) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:H
6.3 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
6.3 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
Summary
NVIDIA camera firmware contains a multistep, timing-related vulnerability where an unauthorized modification by camera resources may result in loss of data integrity or denial of service across several streams.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_linux | * | |
| nvidia | jetson_agx_xavier | - | |
| nvidia | jetson_nano | - | |
| nvidia | jetson_nano_2gb | - | |
| nvidia | jetson_tx1 | - | |
| nvidia | jetson_tx2 | - | |
| nvidia | jetson_tx2_nx | - | |
| nvidia | jetson_xavier_nx | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9E69A431-2B5A-4718-BCD2-CA2D1077641B",
"versionEndExcluding": "32.6.1",
"versionStartIncluding": "32.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DD3D2AA-2A9F-470D-BB0F-A7B7C2EC2490",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_nano:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B2B041F-21A8-4F0B-BBAF-7CDD8B911547",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_nano_2gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52E153CA-BE89-4C66-8B72-8901BF592423",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86D1FDAD-C594-43D9-9BF6-F7461177AB91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64C3FB58-08AA-4FE4-97BE-21B254BA229F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0AA5976-FD71-4A53-BD4F-D342E871FEB0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA camera firmware contains a multistep, timing-related vulnerability where an unauthorized modification by camera resources may result in loss of data integrity or denial of service across several streams."
},
{
"lang": "es",
"value": "El firmware de la c\u00e1mara NVIDIA contiene una vulnerabilidad relacionada con la temporizaci\u00f3n en la que una modificaci\u00f3n no autorizada de recursos de la c\u00e1mara puede resultar en una p\u00e9rdida de la integridad de datos o una denegaci\u00f3n de servicio en varios flujos"
}
],
"id": "CVE-2021-1109",
"lastModified": "2024-11-21T05:43:36.923",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.8,
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-11T22:15:08.193",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-11-20 15:15
Modified
2024-11-21 05:43
Severity ?
4.1 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to utilize debug mechanisms with insufficient access control, which may lead to information disclosure.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:dgx-1_p100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47EAF1F2-41D7-4F6F-A6F4-CDC36F544204",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:dgx-1_v100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBFD6294-13E6-4615-8BB0-7863CC5E62B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:dgx-2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2578180E-CD9E-4D45-B092-CEFDC3653878",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:dgx_station_a100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "96A05233-855C-4099-BF73-0D04F8F58A44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:drive_constellation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36517415-0642-4DF2-9CAF-CC73DFD301D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_605:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A6FE1DB-4930-46B5-868D-4445EF312A33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B600A94B-877D-42BA-B4F7-360198F3ECF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_620:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36438CBB-37FB-455B-AE50-D68726E092BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_625:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC98A0F7-89B0-4BE0-A6EE-58EA39781E53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_630:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B8C2CAC-B37E-47AD-AF02-C6BF5952DF87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_635:-:*:*:*:*:*:*:*",
"matchCriteriaId": "635D27CF-65F3-4166-867E-7FD25EEE5303",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_640:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95DB79D1-C580-4A62-B177-7E47737147F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_705:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0225FE8D-16A7-4400-94F2-CE857D2255C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B72BBAC-CEBD-4405-B1EC-7535794FF5EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_720:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC9048C-F848-48AD-BD5D-59D36E684949",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2C9365F-B4A5-4EA2-917B-2F07457017EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_740:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21FE9995-2F38-4257-9FE1-2495D05D1993",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D835EE77-6031-40D6-8305-F962F42E7018",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1050_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49C8D547-A817-4A62-9045-789843998A18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0ED6F8E-1F82-4C50-9EEF-A5F58DB440AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E884CEDD-CAA5-489D-A526-B628BB3DE460",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1070_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73F427BC-F15D-443D-B7F8-B0BB0C52C427",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E3455DE-4408-4603-86B2-5ECE76ED459C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1080_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57CA2FAC-9170-4E68-B6A6-E2CD9CCF0600",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E8B18CF-58CF-48C8-A4AE-F6922E215E5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1650_super:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD84C049-7F87-4C92-9FCB-7BD7382E25E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1660:-:*:*:*:*:*:*:*",
"matchCriteriaId": "573887F7-E422-48AA-8205-56166D81536C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1660_super:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA37A3BB-35DF-4863-9A95-29B631587DB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1660_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3913E75-6B38-498F-9C6A-A4A8B752D5BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_645:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C519FF2F-0AE9-4290-8115-F60EB9B830C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D0E7C6F-C42F-40E1-9DF1-2ED17938DCC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_650_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A978D1E-BD96-4534-83FE-434F0157AB54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_650_ti_boost:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FCD9648-DA33-4F4F-9AC7-7FB826205729",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_660:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89B38FD5-B548-4BF7-8E35-37701320569C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_660_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AD0960F-EBEF-4876-8DC6-7B42B799105F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4A4F5E65-0E6F-47FD-8E5B-D00D5F82D467",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_680:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07F9F2F5-AE1B-4BE5-8D6B-D16967A208F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_690:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8416729C-0339-4B1C-99AC-C132D45744C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_745:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E733A3A-347E-4147-89AE-9EEC9B4DB787",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDC42D37-5DDE-4545-A4B9-7701749C0982",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_750_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F2F1B32-CFEE-4417-843D-880302E4D6FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_760:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5176FD7-C3F6-4642-831C-1FE33D3E3B35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_760_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F61534DC-EA6D-42E8-9AE5-AE6420906318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_770:-:*:*:*:*:*:*:*",
"matchCriteriaId": "530C2C04-A37D-442C-BB0E-BEA01864D73C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_780:-:*:*:*:*:*:*:*",
"matchCriteriaId": "22A5378C-2395-4D23-BD06-0995C5637857",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_780_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D651C50E-63D1-4FC6-8EEA-095E17A1342A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_950:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52379F40-A0B8-404F-8187-26D085F3568A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_960:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29D0D308-1A59-4D8C-930C-2B480E718FB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_970:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B957ED4F-2A0E-4E6E-AF06-CC09722A4008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_980:-:*:*:*:*:*:*:*",
"matchCriteriaId": "280BE7CC-3E8C-4630-BDA3-CFC409C2E5A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_titan_x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A7ED258-77DC-45FA-B6AE-B9310049ECDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_rtx_2060:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5743279-2E97-4D92-A43B-732B9AE0979C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_rtx_2060_super:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A54F1D17-30C3-4912-858B-B656AE636C58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_rtx_2070:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9472E1FC-B22D-437B-A62E-9476A903F2BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_rtx_2070_super:-:*:*:*:*:*:*:*",
"matchCriteriaId": "483E83C0-FD09-4473-8036-A2E1C362A2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_rtx_2080:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88DEB01F-0C63-4EA1-878A-2DC9701DAA41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_rtx_2080_super:-:*:*:*:*:*:*:*",
"matchCriteriaId": "633AB383-A5D6-4F0F-A973-FE777117A856",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_rtx_2080_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0BF0DE98-5862-4738-A8D5-06C9599B5317",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:gtx_titan:-:*:*:*:*:*:*:*",
"matchCriteriaId": "114895F2-AE45-4A46-BCFF-FD7C2573D88B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:gtx_titan_black:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4A83155-9EA1-4F67-803F-3F8F692C6729",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:gtx_titan_z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FED1874A-9E4B-4725-A130-6CA872D491CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0E081CB-B6EC-42DC-BA04-BCA13C17D190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F92D471-8E65-41FC-A5DE-255136F6F989",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E29459F7-997A-4B87-9164-6E3B5158ADC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_nano:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B2B041F-21A8-4F0B-BBAF-7CDD8B911547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_nano:-:*:-:*:*:*:*:*",
"matchCriteriaId": "9244F123-8518-4D81-AD26-5695F27F413B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_nano:-:*:developer_kit:*:*:*:*:*",
"matchCriteriaId": "80BF53A0-8FDF-4827-9C00-ED082C4A68C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86D1FDAD-C594-43D9-9BF6-F7461177AB91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71994F94-5279-4107-99F5-48990AE0C686",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64C3FB58-08AA-4FE4-97BE-21B254BA229F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DF55ABB-1B4F-452E-9D84-C01A638F88A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0AA5976-FD71-4A53-BD4F-D342E871FEB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:developer_kit:*:*:*:*:*",
"matchCriteriaId": "3E54B955-F0E2-44BD-9B8C-3C788BBCF2A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:production:*:*:*:*:*",
"matchCriteriaId": "3E0C93C3-26F6-48E4-BADA-4DB05A7BA9D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:nvidia_hgx-2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D697CF9-CBAE-4E29-AA3C-50FEDEB4F20E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:nvidia_t1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "284CDDF2-12D5-4A35-9A1F-496E9112F798",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:nvidia_t2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98CD730F-BBB7-4EE0-93B5-88555B9494B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:nvidia_t4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1292795D-A6ED-40D6-BE2D-D396909C5D59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:nvidia_t400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80AA0372-BA25-4C5E-B464-13AB660D1D98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:nvidia_t600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6A7C069-DE2C-4390-8B2C-8A3175D692F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_gv100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A30CCD00-60D7-42B5-B88C-AF2BD81B796F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3896B47E-8787-45D2-96B3-BF4892780F35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1E9293F-C51A-40B0-9461-83A31366C8C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "316C9573-7C7D-4429-8563-B74FD752AC51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FEC13EF-BB2F-4ED2-BC8B-8234ABAEEE02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m2200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E607C924-1682-4348-B6BF-31912E3A3D13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5E13B65-F61B-44D4-B1D7-1E96D9CB45BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76ABA317-6621-4D57-874F-307451EC9C2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "477D72B5-A3EA-440A-B495-8A09E8564E8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B507EE-F005-4806-A8FC-8C8D9A31B0DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAD67DC6-AA36-4F93-B8DB-77EB8C153BCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E707A80B-6482-47DD-8BF3-6E58BC2C697A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m520:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F5E94B4-0DF1-4F79-87A0-C90A6131091B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E8D2AC7-DC75-4BBA-BF4E-58BF88B49B11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED233BC3-6982-41E1-9205-5159C17A4A56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C186F38-89C7-4616-A424-201804F842C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m620:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB2D3A4D-0C03-402F-BB8A-2DE5AE14FDA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFB1F23E-99C5-4FBC-9E9C-8AD8A05AE8C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05069DB9-7DD0-4FF1-8D98-8DC3A0B2AF77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p2200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02BC9134-0188-4F79-BAB6-77409617D752",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC64DC02-91A7-4E10-9023-6932A4A14D77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p3200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C91BB45E-C2BF-4B48-892B-82EF5710AA7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E7CC54F-15FE-4ED8-AA5D-900AAFFAEEC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FBB9DDD-963E-4B10-B0BC-99588C82969F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CECB5A97-0088-4ACD-9A9C-964D4C3DE699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E57FD81-AC93-49BE-B0E1-FB5699CE7A52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCDC421C-3B8F-4EAA-A2D4-14C14CD7F3DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p520:-:*:*:*:*:*:*:*",
"matchCriteriaId": "453E0F78-7B35-42B2-B5FA-43ACE9F7602A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p5200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "004D6C59-E6C9-4E0E-BBA8-8E3AD0F0BC1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC5FA1F3-5D7E-4085-B5D3-D86CF5A6E412",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60176B23-2751-4415-A0D3-DF1BE640F6C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p620:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F9219FD-849D-4A0A-97F0-85492B4B2189",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_rtx_3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F4AB1BC-2B82-4C12-96B0-B269462032B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_rtx_4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "323643CB-D03C-47D1-9FAF-0A5C0777DF61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_rtx_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A5175F77-1E61-4296-AFDD-F00D1C0B5560",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_rtx_6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F06F4994-5EDF-4652-B673-4F90907994DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_rtx_8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66216B9A-F79D-4681-BBC4-6F5D80A3E5EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_t1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33D439F5-86EC-47FC-826A-229C028EB149",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_t2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD476101-4981-46F9-9898-717701C0CAE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_t400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85351FD4-28CD-4392-B154-90E4DE270F7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_t600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "109B8099-C1AD-4695-877A-13B4301FEBB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:shield_tv:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49F85C44-6B7E-4B7C-AC8D-9D5727DFA0B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:shield_tv_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76300BC2-B496-4B4D-979B-6C56F590449A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_m10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "343850DA-E975-467A-99A2-852E24135DD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C459A6-EE1D-482F-BC23-866836870512",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_m40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A6DDBF7C-C346-4515-AD0D-922E7E2F09E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_m6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E92C2C2-1CF7-4531-B431-D67BF6049635",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_m60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44B63168-6671-4D31-A984-B0A0F71CB799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_p100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6299665D-182A-4F2C-B451-1103B943CAE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_p4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDCAD45A-986C-42AE-80F6-728E9427187C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_p40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4D9D634-1F0C-49A7-B680-24423CA6468E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_p6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "656DD5D8-A9DC-4A18-A444-C1D73580C6E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_v100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2CC382C-4F8D-471B-B525-DE28D60E14EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_v100s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5E8719D-831E-4703-9989-A33782F4FFBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:titan_rtx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C494A0AF-5DBF-47BE-8156-3CB876BAE779",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:titan_v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8751F9FE-920A-4438-B0E3-F6F493B1B72C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FABA79A-A70A-40A5-ADA7-893EAB42FE9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:titan_xp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0C9A97E1-2F0F-495D-97E8-0538AAC066EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to utilize debug mechanisms with insufficient access control, which may lead to information disclosure."
},
{
"lang": "es",
"value": "La GPU NVIDIA y el hardware Tegra contienen una vulnerabilidad en el microcontrolador interno que puede permitir a un usuario con altos privilegios usar mecanismos de depuraci\u00f3n con un control de acceso insuficiente, que puede conllevar a una divulgaci\u00f3n de informaci\u00f3n"
}
],
"id": "CVE-2021-1088",
"lastModified": "2024-11-21T05:43:34.367",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.5,
"impactScore": 3.6,
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-11-20T15:15:07.647",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-11 22:15
Modified
2024-11-21 05:43
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
NVIDIA Linux kernel distributions contain a vulnerability in nvmap, where writes may be allowed to read-only buffers, which may result in escalation of privileges, complete denial of service, unconstrained information disclosure, and serious data tampering of all processes on the system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_linux | * | |
| nvidia | jetson_agx_xavier | - | |
| nvidia | jetson_nano | - | |
| nvidia | jetson_nano_2gb | - | |
| nvidia | jetson_tx1 | - | |
| nvidia | jetson_tx2 | - | |
| nvidia | jetson_tx2_nx | - | |
| nvidia | jetson_xavier_nx | - | |
| nvidia | shield_experience | * | |
| nvidia | shield_tv | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9E69A431-2B5A-4718-BCD2-CA2D1077641B",
"versionEndExcluding": "32.6.1",
"versionStartIncluding": "32.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DD3D2AA-2A9F-470D-BB0F-A7B7C2EC2490",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_nano:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B2B041F-21A8-4F0B-BBAF-7CDD8B911547",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_nano_2gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52E153CA-BE89-4C66-8B72-8901BF592423",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86D1FDAD-C594-43D9-9BF6-F7461177AB91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64C3FB58-08AA-4FE4-97BE-21B254BA229F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0AA5976-FD71-4A53-BD4F-D342E871FEB0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:shield_experience:*:*:*:*:*:*:*:*",
"matchCriteriaId": "71B40848-51B9-47D6-83D9-B45EDBA785DA",
"versionEndExcluding": "9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:shield_tv:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49F85C44-6B7E-4B7C-AC8D-9D5727DFA0B8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA Linux kernel distributions contain a vulnerability in nvmap, where writes may be allowed to read-only buffers, which may result in escalation of privileges, complete denial of service, unconstrained information disclosure, and serious data tampering of all processes on the system."
},
{
"lang": "es",
"value": "Las distribuciones del kernel de Linux de NVIDIA contienen una vulnerabilidad en nvmap, donde se pueden permitir escrituras en b\u00faferes de s\u00f3lo lectura, lo que puede resultar en una escalada de privilegios, una denegaci\u00f3n de servicio completa, una divulgaci\u00f3n de informaci\u00f3n sin restricciones y una grave alteraci\u00f3n de los datos de todos los procesos del sistema"
}
],
"id": "CVE-2021-1106",
"lastModified": "2024-11-21T05:43:36.550",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-11T22:15:07.983",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216"
},
{
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5259"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5259"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-21 22:15
Modified
2024-11-21 06:10
Severity ?
6.3 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Bootloader contains a vulnerability in NVIDIA TegraBoot where a potential heap overflow might allow an attacker to control all the RAM after the heap block, leading to denial of service or code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_linux | * | |
| nvidia | jetson_agx_xavier_16gb | - | |
| nvidia | jetson_agx_xavier_32gb | - | |
| nvidia | jetson_agx_xavier_8gb | - | |
| nvidia | jetson_nano | - | |
| nvidia | jetson_nano | - | |
| nvidia | jetson_nano_2gb | - | |
| nvidia | jetson_tx1 | - | |
| nvidia | jetson_tx2 | - | |
| nvidia | jetson_tx2_4gb | - | |
| nvidia | jetson_tx2_nx | - | |
| nvidia | jetson_tx2i | - | |
| nvidia | jetson_xavier_nx | - | |
| nvidia | jetson_xavier_nx | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8941F71-0292-414E-AEA5-DD55EA3C2009",
"versionEndExcluding": "32.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0E081CB-B6EC-42DC-BA04-BCA13C17D190",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F92D471-8E65-41FC-A5DE-255136F6F989",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E29459F7-997A-4B87-9164-6E3B5158ADC3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_nano:-:*:-:*:*:*:*:*",
"matchCriteriaId": "9244F123-8518-4D81-AD26-5695F27F413B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_nano:-:*:developer_kit:*:*:*:*:*",
"matchCriteriaId": "80BF53A0-8FDF-4827-9C00-ED082C4A68C7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_nano_2gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52E153CA-BE89-4C66-8B72-8901BF592423",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86D1FDAD-C594-43D9-9BF6-F7461177AB91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71994F94-5279-4107-99F5-48990AE0C686",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64C3FB58-08AA-4FE4-97BE-21B254BA229F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DF55ABB-1B4F-452E-9D84-C01A638F88A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:developer_kit:*:*:*:*:*",
"matchCriteriaId": "3E54B955-F0E2-44BD-9B8C-3C788BBCF2A9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:production:*:*:*:*:*",
"matchCriteriaId": "3E0C93C3-26F6-48E4-BADA-4DB05A7BA9D1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Bootloader contains a vulnerability in NVIDIA TegraBoot where a potential heap overflow might allow an attacker to control all the RAM after the heap block, leading to denial of service or code execution."
},
{
"lang": "es",
"value": "El gestor de arranque contiene una vulnerabilidad en NVIDIA TegraBoot en la que un potencial desbordamiento de heap podr\u00eda permitir a un atacante controlar toda la RAM despu\u00e9s del bloque de heap, lo que llevar\u00eda a una denegaci\u00f3n de servicio o a la ejecuci\u00f3n de c\u00f3digo"
}
],
"id": "CVE-2021-34388",
"lastModified": "2024-11-21T06:10:17.633",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 5.2,
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-21T22:15:07.760",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-30 11:15
Modified
2024-11-21 06:10
Severity ?
7.7 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 9 is missing. Improper restriction of operations within the bounds of a memory buffer might lead to escalation of privileges, information disclosure, and denial of service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_linux | * | |
| nvidia | jetson_agx_xavier_16gb | - | |
| nvidia | jetson_agx_xavier_32gb | - | |
| nvidia | jetson_agx_xavier_8gb | - | |
| nvidia | jetson_tx2 | - | |
| nvidia | jetson_tx2_4gb | - | |
| nvidia | jetson_tx2_nx | - | |
| nvidia | jetson_tx2i | - | |
| nvidia | jetson_xavier_nx | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8941F71-0292-414E-AEA5-DD55EA3C2009",
"versionEndExcluding": "32.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0E081CB-B6EC-42DC-BA04-BCA13C17D190",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F92D471-8E65-41FC-A5DE-255136F6F989",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E29459F7-997A-4B87-9164-6E3B5158ADC3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71994F94-5279-4107-99F5-48990AE0C686",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64C3FB58-08AA-4FE4-97BE-21B254BA229F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DF55ABB-1B4F-452E-9D84-C01A638F88A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0AA5976-FD71-4A53-BD4F-D342E871FEB0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 9 is missing. Improper restriction of operations within the bounds of a memory buffer might lead to escalation of privileges, information disclosure, and denial of service."
},
{
"lang": "es",
"value": "Trusty contiene una vulnerabilidad en el servicio HDCP TA donde falta la comprobaci\u00f3n de l\u00edmites en el comando 9. La restricci\u00f3n inapropiada de las operaciones dentro de los l\u00edmites de un b\u00fafer de memoria podr\u00eda conllevar a una escalada de privilegios, la divulgaci\u00f3n de informaci\u00f3n y una denegaci\u00f3n de servicio"
}
],
"id": "CVE-2021-34377",
"lastModified": "2024-11-21T06:10:16.150",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.1,
"impactScore": 6.0,
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-30T11:15:08.447",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-22 22:15
Modified
2024-11-21 06:10
Severity ?
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Trusty (the trusted OS produced by NVIDIA for Jetson devices) driver contains a vulnerability in the NVIDIA OTE protocol message parsing code where an integer overflow in a malloc() size calculation leads to a buffer overflow on the heap, which might result in information disclosure, escalation of privileges, and denial of service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_linux | * | |
| nvidia | jetson_agx_xavier_16gb | - | |
| nvidia | jetson_agx_xavier_32gb | - | |
| nvidia | jetson_agx_xavier_8gb | - | |
| nvidia | jetson_nano | - | |
| nvidia | jetson_nano | - | |
| nvidia | jetson_nano_2gb | - | |
| nvidia | jetson_tx1 | - | |
| nvidia | jetson_tx2 | - | |
| nvidia | jetson_tx2_4gb | - | |
| nvidia | jetson_tx2_nx | - | |
| nvidia | jetson_tx2i | - | |
| nvidia | jetson_xavier_nx | - | |
| nvidia | jetson_xavier_nx | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8941F71-0292-414E-AEA5-DD55EA3C2009",
"versionEndExcluding": "32.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0E081CB-B6EC-42DC-BA04-BCA13C17D190",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F92D471-8E65-41FC-A5DE-255136F6F989",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E29459F7-997A-4B87-9164-6E3B5158ADC3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_nano:-:*:-:*:*:*:*:*",
"matchCriteriaId": "9244F123-8518-4D81-AD26-5695F27F413B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_nano:-:*:developer_kit:*:*:*:*:*",
"matchCriteriaId": "80BF53A0-8FDF-4827-9C00-ED082C4A68C7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_nano_2gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52E153CA-BE89-4C66-8B72-8901BF592423",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86D1FDAD-C594-43D9-9BF6-F7461177AB91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71994F94-5279-4107-99F5-48990AE0C686",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64C3FB58-08AA-4FE4-97BE-21B254BA229F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DF55ABB-1B4F-452E-9D84-C01A638F88A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:developer_kit:*:*:*:*:*",
"matchCriteriaId": "3E54B955-F0E2-44BD-9B8C-3C788BBCF2A9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:production:*:*:*:*:*",
"matchCriteriaId": "3E0C93C3-26F6-48E4-BADA-4DB05A7BA9D1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Trusty (the trusted OS produced by NVIDIA for Jetson devices) driver contains a vulnerability in the NVIDIA OTE protocol message parsing code where an integer overflow in a malloc() size calculation leads to a buffer overflow on the heap, which might result in information disclosure, escalation of privileges, and denial of service."
},
{
"lang": "es",
"value": "El controlador Trusty (el Sistema Operativo confiable producido por NVIDIA para los dispositivos Jetson) contiene una vulnerabilidad en el c\u00f3digo de an\u00e1lisis de mensajes del protocolo OTE de NVIDIA en la que un desbordamiento de enteros en el c\u00e1lculo del tama\u00f1o de malloc() conlleva un desbordamiento del b\u00fafer en la pila, que puede resultar en una divulgaci\u00f3n de informaci\u00f3n, escalada de privilegios y una denegaci\u00f3n de servicio"
}
],
"id": "CVE-2021-34372",
"lastModified": "2024-11-21T06:10:15.447",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.5,
"impactScore": 6.0,
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-22T22:15:08.947",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-11-20 15:15
Modified
2024-11-21 05:43
Severity ?
4.1 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to access debug registers during runtime, which may lead to information disclosure.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:dgx-1_p100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47EAF1F2-41D7-4F6F-A6F4-CDC36F544204",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:dgx-1_v100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBFD6294-13E6-4615-8BB0-7863CC5E62B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:dgx-2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2578180E-CD9E-4D45-B092-CEFDC3653878",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:dgx_station_a100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "96A05233-855C-4099-BF73-0D04F8F58A44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:drive_constellation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36517415-0642-4DF2-9CAF-CC73DFD301D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_605:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A6FE1DB-4930-46B5-868D-4445EF312A33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B600A94B-877D-42BA-B4F7-360198F3ECF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_620:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36438CBB-37FB-455B-AE50-D68726E092BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_625:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC98A0F7-89B0-4BE0-A6EE-58EA39781E53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_630:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B8C2CAC-B37E-47AD-AF02-C6BF5952DF87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_635:-:*:*:*:*:*:*:*",
"matchCriteriaId": "635D27CF-65F3-4166-867E-7FD25EEE5303",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_640:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95DB79D1-C580-4A62-B177-7E47737147F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_705:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0225FE8D-16A7-4400-94F2-CE857D2255C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B72BBAC-CEBD-4405-B1EC-7535794FF5EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_720:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC9048C-F848-48AD-BD5D-59D36E684949",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2C9365F-B4A5-4EA2-917B-2F07457017EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_740:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21FE9995-2F38-4257-9FE1-2495D05D1993",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D835EE77-6031-40D6-8305-F962F42E7018",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1050_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49C8D547-A817-4A62-9045-789843998A18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0ED6F8E-1F82-4C50-9EEF-A5F58DB440AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E884CEDD-CAA5-489D-A526-B628BB3DE460",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1070_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73F427BC-F15D-443D-B7F8-B0BB0C52C427",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E3455DE-4408-4603-86B2-5ECE76ED459C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1080_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57CA2FAC-9170-4E68-B6A6-E2CD9CCF0600",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E8B18CF-58CF-48C8-A4AE-F6922E215E5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1650_super:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD84C049-7F87-4C92-9FCB-7BD7382E25E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1660:-:*:*:*:*:*:*:*",
"matchCriteriaId": "573887F7-E422-48AA-8205-56166D81536C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1660_super:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA37A3BB-35DF-4863-9A95-29B631587DB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1660_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3913E75-6B38-498F-9C6A-A4A8B752D5BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_645:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C519FF2F-0AE9-4290-8115-F60EB9B830C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D0E7C6F-C42F-40E1-9DF1-2ED17938DCC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_650_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A978D1E-BD96-4534-83FE-434F0157AB54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_650_ti_boost:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FCD9648-DA33-4F4F-9AC7-7FB826205729",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_660:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89B38FD5-B548-4BF7-8E35-37701320569C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_660_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AD0960F-EBEF-4876-8DC6-7B42B799105F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4A4F5E65-0E6F-47FD-8E5B-D00D5F82D467",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_680:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07F9F2F5-AE1B-4BE5-8D6B-D16967A208F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_690:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8416729C-0339-4B1C-99AC-C132D45744C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_745:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E733A3A-347E-4147-89AE-9EEC9B4DB787",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDC42D37-5DDE-4545-A4B9-7701749C0982",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_750_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F2F1B32-CFEE-4417-843D-880302E4D6FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_760:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5176FD7-C3F6-4642-831C-1FE33D3E3B35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_760_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F61534DC-EA6D-42E8-9AE5-AE6420906318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_770:-:*:*:*:*:*:*:*",
"matchCriteriaId": "530C2C04-A37D-442C-BB0E-BEA01864D73C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_780:-:*:*:*:*:*:*:*",
"matchCriteriaId": "22A5378C-2395-4D23-BD06-0995C5637857",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_780_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D651C50E-63D1-4FC6-8EEA-095E17A1342A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_950:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52379F40-A0B8-404F-8187-26D085F3568A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_960:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29D0D308-1A59-4D8C-930C-2B480E718FB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_970:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B957ED4F-2A0E-4E6E-AF06-CC09722A4008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_980:-:*:*:*:*:*:*:*",
"matchCriteriaId": "280BE7CC-3E8C-4630-BDA3-CFC409C2E5A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_titan_x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A7ED258-77DC-45FA-B6AE-B9310049ECDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_rtx_2060:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5743279-2E97-4D92-A43B-732B9AE0979C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_rtx_2060_super:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A54F1D17-30C3-4912-858B-B656AE636C58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_rtx_2070:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9472E1FC-B22D-437B-A62E-9476A903F2BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_rtx_2070_super:-:*:*:*:*:*:*:*",
"matchCriteriaId": "483E83C0-FD09-4473-8036-A2E1C362A2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_rtx_2080:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88DEB01F-0C63-4EA1-878A-2DC9701DAA41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_rtx_2080_super:-:*:*:*:*:*:*:*",
"matchCriteriaId": "633AB383-A5D6-4F0F-A973-FE777117A856",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_rtx_2080_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0BF0DE98-5862-4738-A8D5-06C9599B5317",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:gtx_titan:-:*:*:*:*:*:*:*",
"matchCriteriaId": "114895F2-AE45-4A46-BCFF-FD7C2573D88B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:gtx_titan_black:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4A83155-9EA1-4F67-803F-3F8F692C6729",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:gtx_titan_z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FED1874A-9E4B-4725-A130-6CA872D491CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0E081CB-B6EC-42DC-BA04-BCA13C17D190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F92D471-8E65-41FC-A5DE-255136F6F989",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E29459F7-997A-4B87-9164-6E3B5158ADC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_nano:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B2B041F-21A8-4F0B-BBAF-7CDD8B911547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_nano:-:*:-:*:*:*:*:*",
"matchCriteriaId": "9244F123-8518-4D81-AD26-5695F27F413B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_nano:-:*:developer_kit:*:*:*:*:*",
"matchCriteriaId": "80BF53A0-8FDF-4827-9C00-ED082C4A68C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86D1FDAD-C594-43D9-9BF6-F7461177AB91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71994F94-5279-4107-99F5-48990AE0C686",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64C3FB58-08AA-4FE4-97BE-21B254BA229F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DF55ABB-1B4F-452E-9D84-C01A638F88A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0AA5976-FD71-4A53-BD4F-D342E871FEB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:developer_kit:*:*:*:*:*",
"matchCriteriaId": "3E54B955-F0E2-44BD-9B8C-3C788BBCF2A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:production:*:*:*:*:*",
"matchCriteriaId": "3E0C93C3-26F6-48E4-BADA-4DB05A7BA9D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:nvidia_hgx-2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D697CF9-CBAE-4E29-AA3C-50FEDEB4F20E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:nvidia_t1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "284CDDF2-12D5-4A35-9A1F-496E9112F798",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:nvidia_t2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98CD730F-BBB7-4EE0-93B5-88555B9494B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:nvidia_t4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1292795D-A6ED-40D6-BE2D-D396909C5D59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:nvidia_t400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80AA0372-BA25-4C5E-B464-13AB660D1D98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:nvidia_t600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6A7C069-DE2C-4390-8B2C-8A3175D692F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_gv100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A30CCD00-60D7-42B5-B88C-AF2BD81B796F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3896B47E-8787-45D2-96B3-BF4892780F35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1E9293F-C51A-40B0-9461-83A31366C8C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "316C9573-7C7D-4429-8563-B74FD752AC51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FEC13EF-BB2F-4ED2-BC8B-8234ABAEEE02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m2200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E607C924-1682-4348-B6BF-31912E3A3D13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5E13B65-F61B-44D4-B1D7-1E96D9CB45BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76ABA317-6621-4D57-874F-307451EC9C2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "477D72B5-A3EA-440A-B495-8A09E8564E8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B507EE-F005-4806-A8FC-8C8D9A31B0DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAD67DC6-AA36-4F93-B8DB-77EB8C153BCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E707A80B-6482-47DD-8BF3-6E58BC2C697A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m520:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F5E94B4-0DF1-4F79-87A0-C90A6131091B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E8D2AC7-DC75-4BBA-BF4E-58BF88B49B11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED233BC3-6982-41E1-9205-5159C17A4A56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C186F38-89C7-4616-A424-201804F842C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m620:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB2D3A4D-0C03-402F-BB8A-2DE5AE14FDA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFB1F23E-99C5-4FBC-9E9C-8AD8A05AE8C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05069DB9-7DD0-4FF1-8D98-8DC3A0B2AF77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p2200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02BC9134-0188-4F79-BAB6-77409617D752",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC64DC02-91A7-4E10-9023-6932A4A14D77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p3200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C91BB45E-C2BF-4B48-892B-82EF5710AA7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E7CC54F-15FE-4ED8-AA5D-900AAFFAEEC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FBB9DDD-963E-4B10-B0BC-99588C82969F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CECB5A97-0088-4ACD-9A9C-964D4C3DE699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E57FD81-AC93-49BE-B0E1-FB5699CE7A52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCDC421C-3B8F-4EAA-A2D4-14C14CD7F3DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p520:-:*:*:*:*:*:*:*",
"matchCriteriaId": "453E0F78-7B35-42B2-B5FA-43ACE9F7602A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p5200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "004D6C59-E6C9-4E0E-BBA8-8E3AD0F0BC1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC5FA1F3-5D7E-4085-B5D3-D86CF5A6E412",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60176B23-2751-4415-A0D3-DF1BE640F6C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p620:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F9219FD-849D-4A0A-97F0-85492B4B2189",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_rtx_3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F4AB1BC-2B82-4C12-96B0-B269462032B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_rtx_4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "323643CB-D03C-47D1-9FAF-0A5C0777DF61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_rtx_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A5175F77-1E61-4296-AFDD-F00D1C0B5560",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_rtx_6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F06F4994-5EDF-4652-B673-4F90907994DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_rtx_8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66216B9A-F79D-4681-BBC4-6F5D80A3E5EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_t1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33D439F5-86EC-47FC-826A-229C028EB149",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_t2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD476101-4981-46F9-9898-717701C0CAE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_t400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85351FD4-28CD-4392-B154-90E4DE270F7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_t600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "109B8099-C1AD-4695-877A-13B4301FEBB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:shield_tv:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49F85C44-6B7E-4B7C-AC8D-9D5727DFA0B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:shield_tv_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76300BC2-B496-4B4D-979B-6C56F590449A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_m10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "343850DA-E975-467A-99A2-852E24135DD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C459A6-EE1D-482F-BC23-866836870512",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_m40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A6DDBF7C-C346-4515-AD0D-922E7E2F09E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_m6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E92C2C2-1CF7-4531-B431-D67BF6049635",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_m60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44B63168-6671-4D31-A984-B0A0F71CB799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_p100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6299665D-182A-4F2C-B451-1103B943CAE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_p4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDCAD45A-986C-42AE-80F6-728E9427187C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_p40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4D9D634-1F0C-49A7-B680-24423CA6468E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_p6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "656DD5D8-A9DC-4A18-A444-C1D73580C6E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_v100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2CC382C-4F8D-471B-B525-DE28D60E14EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_v100s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5E8719D-831E-4703-9989-A33782F4FFBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:titan_rtx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C494A0AF-5DBF-47BE-8156-3CB876BAE779",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:titan_v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8751F9FE-920A-4438-B0E3-F6F493B1B72C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FABA79A-A70A-40A5-ADA7-893EAB42FE9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:titan_xp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0C9A97E1-2F0F-495D-97E8-0538AAC066EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to access debug registers during runtime, which may lead to information disclosure."
},
{
"lang": "es",
"value": "La GPU NVIDIA y el hardware Tegra contienen una vulnerabilidad en el microcontrolador interno que puede permitir a un usuario con altos privilegios acceder a los registros de depuraci\u00f3n durante el tiempo de ejecuci\u00f3n, que puede conllevar a una divulgaci\u00f3n de informaci\u00f3n"
}
],
"id": "CVE-2021-1105",
"lastModified": "2024-11-21T05:43:36.420",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.5,
"impactScore": 3.6,
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-11-20T15:15:07.743",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-11 22:15
Modified
2024-11-21 05:43
Severity ?
4.7 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H
4.7 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H
4.7 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H
Summary
NVIDIA camera firmware contains a difficult to exploit vulnerability where a highly privileged attacker can cause unauthorized modification to camera resources, which may result in complete denial of service and partial loss of data integrity for all clients.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_linux | * | |
| nvidia | jetson_agx_xavier | - | |
| nvidia | jetson_nano | - | |
| nvidia | jetson_nano_2gb | - | |
| nvidia | jetson_tx1 | - | |
| nvidia | jetson_tx2 | - | |
| nvidia | jetson_tx2_nx | - | |
| nvidia | jetson_xavier_nx | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9E69A431-2B5A-4718-BCD2-CA2D1077641B",
"versionEndExcluding": "32.6.1",
"versionStartIncluding": "32.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DD3D2AA-2A9F-470D-BB0F-A7B7C2EC2490",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_nano:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B2B041F-21A8-4F0B-BBAF-7CDD8B911547",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_nano_2gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52E153CA-BE89-4C66-8B72-8901BF592423",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86D1FDAD-C594-43D9-9BF6-F7461177AB91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64C3FB58-08AA-4FE4-97BE-21B254BA229F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0AA5976-FD71-4A53-BD4F-D342E871FEB0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA camera firmware contains a difficult to exploit vulnerability where a highly privileged attacker can cause unauthorized modification to camera resources, which may result in complete denial of service and partial loss of data integrity for all clients."
},
{
"lang": "es",
"value": "El firmware de la c\u00e1mara NVIDIA contiene una vulnerabilidad dif\u00edcil de explotar en la que un atacante con muchos privilegios puede provocar una modificaci\u00f3n no autorizada de los recursos de la c\u00e1mara, lo que puede provocar una denegaci\u00f3n de servicio completa y una p\u00e9rdida parcial de la integridad de los datos para todos los clientes"
}
],
"id": "CVE-2021-1113",
"lastModified": "2024-11-21T05:43:37.387",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 5.4,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 7.8,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.5,
"impactScore": 4.2,
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.5,
"impactScore": 4.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-11T22:15:08.467",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-22 22:15
Modified
2024-11-21 06:10
Severity ?
4.2 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Trusty contains a vulnerability in the NVIDIA OTE protocol that is present in all TAs. An incorrect message stream deserialization allows an attacker to use the malicious CA that is run by the user to cause the buffer overflow, which may lead to information disclosure and data modification.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_linux | * | |
| nvidia | jetson_agx_xavier_16gb | - | |
| nvidia | jetson_agx_xavier_32gb | - | |
| nvidia | jetson_agx_xavier_8gb | - | |
| nvidia | jetson_tx2 | - | |
| nvidia | jetson_tx2_4gb | - | |
| nvidia | jetson_tx2_nx | - | |
| nvidia | jetson_tx2i | - | |
| nvidia | jetson_xavier_nx | - | |
| nvidia | jetson_xavier_nx | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8941F71-0292-414E-AEA5-DD55EA3C2009",
"versionEndExcluding": "32.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0E081CB-B6EC-42DC-BA04-BCA13C17D190",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F92D471-8E65-41FC-A5DE-255136F6F989",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E29459F7-997A-4B87-9164-6E3B5158ADC3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71994F94-5279-4107-99F5-48990AE0C686",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64C3FB58-08AA-4FE4-97BE-21B254BA229F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DF55ABB-1B4F-452E-9D84-C01A638F88A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:developer_kit:*:*:*:*:*",
"matchCriteriaId": "3E54B955-F0E2-44BD-9B8C-3C788BBCF2A9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:production:*:*:*:*:*",
"matchCriteriaId": "3E0C93C3-26F6-48E4-BADA-4DB05A7BA9D1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Trusty contains a vulnerability in the NVIDIA OTE protocol that is present in all TAs. An incorrect message stream deserialization allows an attacker to use the malicious CA that is run by the user to cause the buffer overflow, which may lead to information disclosure and data modification."
},
{
"lang": "es",
"value": "Trusty contiene una vulnerabilidad en el protocolo NVIDIA OTE que est\u00e1 presente en todos los AT. Una deserializaci\u00f3n incorrecta del flujo de mensajes permite a un atacante utilizar la AC maliciosa que ejecuta el usuario para provocar el desbordamiento del b\u00fafer, lo que puede llevar a la divulgaci\u00f3n de informaci\u00f3n y a la modificaci\u00f3n de datos"
}
],
"id": "CVE-2021-34394",
"lastModified": "2024-11-21T06:10:18.440",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.6,
"impactScore": 3.6,
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-22T22:15:09.277",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-502"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-30 11:15
Modified
2024-11-21 06:10
Severity ?
7.7 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Trusty contains a vulnerability in command handlers where the length of input buffers is not verified. This vulnerability can cause memory corruption, which may lead to information disclosure, escalation of privileges, and denial of service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_linux | * | |
| nvidia | jetson_agx_xavier_16gb | - | |
| nvidia | jetson_agx_xavier_32gb | - | |
| nvidia | jetson_agx_xavier_8gb | - | |
| nvidia | jetson_tx2 | - | |
| nvidia | jetson_tx2_4gb | - | |
| nvidia | jetson_tx2_nx | - | |
| nvidia | jetson_tx2i | - | |
| nvidia | jetson_xavier_nx | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8941F71-0292-414E-AEA5-DD55EA3C2009",
"versionEndExcluding": "32.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0E081CB-B6EC-42DC-BA04-BCA13C17D190",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F92D471-8E65-41FC-A5DE-255136F6F989",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E29459F7-997A-4B87-9164-6E3B5158ADC3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71994F94-5279-4107-99F5-48990AE0C686",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64C3FB58-08AA-4FE4-97BE-21B254BA229F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DF55ABB-1B4F-452E-9D84-C01A638F88A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0AA5976-FD71-4A53-BD4F-D342E871FEB0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Trusty contains a vulnerability in command handlers where the length of input buffers is not verified. This vulnerability can cause memory corruption, which may lead to information disclosure, escalation of privileges, and denial of service."
},
{
"lang": "es",
"value": "Trusty contiene una vulnerabilidad en los manejadores de comandos donde la longitud de los b\u00faferes de entrada no es verificada. Esta vulnerabilidad puede causar una corrupci\u00f3n de la memoria, lo que puede conllevar a una divulgaci\u00f3n de informaci\u00f3n, escalada de privilegios y una denegaci\u00f3n de servicio"
}
],
"id": "CVE-2021-34374",
"lastModified": "2024-11-21T06:10:15.740",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.1,
"impactScore": 6.0,
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-30T11:15:08.277",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-30 11:15
Modified
2024-11-21 06:10
Severity ?
6.3 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Bootloader contains a vulnerability in NVIDIA MB2 where a potential heap overflow could cause memory corruption, which might lead to denial of service or code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_linux | * | |
| nvidia | jetson_agx_xavier_16gb | - | |
| nvidia | jetson_agx_xavier_32gb | - | |
| nvidia | jetson_agx_xavier_8gb | - | |
| nvidia | jetson_tx2 | - | |
| nvidia | jetson_tx2_4gb | - | |
| nvidia | jetson_tx2_nx | - | |
| nvidia | jetson_tx2i | - | |
| nvidia | jetson_xavier_nx | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8941F71-0292-414E-AEA5-DD55EA3C2009",
"versionEndExcluding": "32.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0E081CB-B6EC-42DC-BA04-BCA13C17D190",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F92D471-8E65-41FC-A5DE-255136F6F989",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E29459F7-997A-4B87-9164-6E3B5158ADC3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71994F94-5279-4107-99F5-48990AE0C686",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64C3FB58-08AA-4FE4-97BE-21B254BA229F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DF55ABB-1B4F-452E-9D84-C01A638F88A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0AA5976-FD71-4A53-BD4F-D342E871FEB0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Bootloader contains a vulnerability in NVIDIA MB2 where a potential heap overflow could cause memory corruption, which might lead to denial of service or code execution."
},
{
"lang": "es",
"value": "El cargador de arranque contiene una vulnerabilidad en NVIDIA MB2 donde un potencial desbordamiento de pila podr\u00eda causar una corrupci\u00f3n de memoria, lo que podr\u00eda conllevar a una denegaci\u00f3n de servicio o una ejecuci\u00f3n de c\u00f3digo"
}
],
"id": "CVE-2021-34384",
"lastModified": "2024-11-21T06:10:17.090",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 5.2,
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-30T11:15:08.857",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-30 11:15
Modified
2024-11-21 06:10
Severity ?
7.0 (High) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Bootloader contains a vulnerability in NVIDIA MB2 where potential heap overflow might cause corruption of the heap metadata, which might lead to arbitrary code execution, denial of service, and information disclosure during secure boot.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_linux | * | |
| nvidia | jetson_agx_xavier_16gb | - | |
| nvidia | jetson_agx_xavier_32gb | - | |
| nvidia | jetson_agx_xavier_8gb | - | |
| nvidia | jetson_tx2 | - | |
| nvidia | jetson_tx2_4gb | - | |
| nvidia | jetson_tx2_nx | - | |
| nvidia | jetson_tx2i | - | |
| nvidia | jetson_xavier_nx | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8941F71-0292-414E-AEA5-DD55EA3C2009",
"versionEndExcluding": "32.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0E081CB-B6EC-42DC-BA04-BCA13C17D190",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F92D471-8E65-41FC-A5DE-255136F6F989",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E29459F7-997A-4B87-9164-6E3B5158ADC3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71994F94-5279-4107-99F5-48990AE0C686",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64C3FB58-08AA-4FE4-97BE-21B254BA229F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DF55ABB-1B4F-452E-9D84-C01A638F88A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0AA5976-FD71-4A53-BD4F-D342E871FEB0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Bootloader contains a vulnerability in NVIDIA MB2 where potential heap overflow might cause corruption of the heap metadata, which might lead to arbitrary code execution, denial of service, and information disclosure during secure boot."
},
{
"lang": "es",
"value": "El cargador de arranque contiene una vulnerabilidad en NVIDIA MB2 en la que un posible desbordamiento de la pila podr\u00eda causar una corrupci\u00f3n de los metadatos de la pila, lo que podr\u00eda conllevar a una ejecuci\u00f3n de c\u00f3digo arbitraria, denegaci\u00f3n de servicio y una divulgaci\u00f3n de informaci\u00f3n durante el arranque seguro"
}
],
"id": "CVE-2021-34380",
"lastModified": "2024-11-21T06:10:16.567",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-30T11:15:08.617",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-11 22:15
Modified
2024-11-21 05:43
Severity ?
6.7 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H
6.7 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H
6.7 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H
Summary
Bootloader contains a vulnerability in the NV3P server where any user with physical access through USB can trigger an incorrect bounds check, which may lead to buffer overflow, resulting in limited information disclosure, limited data integrity, and denial of service across all components.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_linux | * | |
| nvidia | jetson_agx_xavier | - | |
| nvidia | jetson_tx2 | - | |
| nvidia | jetson_tx2_nx | - | |
| nvidia | jetson_xavier_nx | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9E69A431-2B5A-4718-BCD2-CA2D1077641B",
"versionEndExcluding": "32.6.1",
"versionStartIncluding": "32.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DD3D2AA-2A9F-470D-BB0F-A7B7C2EC2490",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64C3FB58-08AA-4FE4-97BE-21B254BA229F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0AA5976-FD71-4A53-BD4F-D342E871FEB0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Bootloader contains a vulnerability in the NV3P server where any user with physical access through USB can trigger an incorrect bounds check, which may lead to buffer overflow, resulting in limited information disclosure, limited data integrity, and denial of service across all components."
},
{
"lang": "es",
"value": "El gestor de arranque contiene una vulnerabilidad en el servidor NV3P en la que cualquier usuario con acceso f\u00edsico a trav\u00e9s de USB puede desencadenar una comprobaci\u00f3n de l\u00edmites incorrecta, lo que puede provocar un desbordamiento del b\u00fafer, dando lugar a una divulgaci\u00f3n de informaci\u00f3n limitada, una integridad de datos limitada y una denegaci\u00f3n de servicio en todos los componentes"
}
],
"id": "CVE-2021-1111",
"lastModified": "2024-11-21T05:43:37.157",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 5.3,
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 5.3,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-11T22:15:08.327",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-11 22:15
Modified
2024-11-21 05:43
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
NVIDIA Linux kernel distributions contain a vulnerability in nvmap, where a null pointer dereference may lead to complete denial of service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_linux | * | |
| nvidia | jetson_agx_xavier | - | |
| nvidia | jetson_nano | - | |
| nvidia | jetson_nano_2gb | - | |
| nvidia | jetson_tx1 | - | |
| nvidia | jetson_tx2 | - | |
| nvidia | jetson_tx2_nx | - | |
| nvidia | jetson_xavier_nx | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9E69A431-2B5A-4718-BCD2-CA2D1077641B",
"versionEndExcluding": "32.6.1",
"versionStartIncluding": "32.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DD3D2AA-2A9F-470D-BB0F-A7B7C2EC2490",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_nano:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B2B041F-21A8-4F0B-BBAF-7CDD8B911547",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_nano_2gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52E153CA-BE89-4C66-8B72-8901BF592423",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86D1FDAD-C594-43D9-9BF6-F7461177AB91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64C3FB58-08AA-4FE4-97BE-21B254BA229F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0AA5976-FD71-4A53-BD4F-D342E871FEB0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA Linux kernel distributions contain a vulnerability in nvmap, where a null pointer dereference may lead to complete denial of service."
},
{
"lang": "es",
"value": "Las distribuciones del kernel de Linux de NVIDIA contienen una vulnerabilidad en nvmap, donde una desreferencia del puntero null puede conllevar a una denegaci\u00f3n de servicio completa"
}
],
"id": "CVE-2021-1112",
"lastModified": "2024-11-21T05:43:37.277",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-11T22:15:08.397",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-11-20 15:15
Modified
2024-11-21 06:10
Severity ?
4.1 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to gain access to information from unscrubbed registers, which may lead to information disclosure.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:dgx-1_p100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47EAF1F2-41D7-4F6F-A6F4-CDC36F544204",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:dgx-1_v100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBFD6294-13E6-4615-8BB0-7863CC5E62B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:dgx-2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2578180E-CD9E-4D45-B092-CEFDC3653878",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:dgx_station_a100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "96A05233-855C-4099-BF73-0D04F8F58A44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:drive_constellation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36517415-0642-4DF2-9CAF-CC73DFD301D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_605:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A6FE1DB-4930-46B5-868D-4445EF312A33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B600A94B-877D-42BA-B4F7-360198F3ECF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_620:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36438CBB-37FB-455B-AE50-D68726E092BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_625:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC98A0F7-89B0-4BE0-A6EE-58EA39781E53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_630:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B8C2CAC-B37E-47AD-AF02-C6BF5952DF87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_635:-:*:*:*:*:*:*:*",
"matchCriteriaId": "635D27CF-65F3-4166-867E-7FD25EEE5303",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_640:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95DB79D1-C580-4A62-B177-7E47737147F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_705:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0225FE8D-16A7-4400-94F2-CE857D2255C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B72BBAC-CEBD-4405-B1EC-7535794FF5EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_720:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC9048C-F848-48AD-BD5D-59D36E684949",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2C9365F-B4A5-4EA2-917B-2F07457017EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gt_740:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21FE9995-2F38-4257-9FE1-2495D05D1993",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D835EE77-6031-40D6-8305-F962F42E7018",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1050_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49C8D547-A817-4A62-9045-789843998A18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0ED6F8E-1F82-4C50-9EEF-A5F58DB440AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E884CEDD-CAA5-489D-A526-B628BB3DE460",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1070_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73F427BC-F15D-443D-B7F8-B0BB0C52C427",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E3455DE-4408-4603-86B2-5ECE76ED459C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1080_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57CA2FAC-9170-4E68-B6A6-E2CD9CCF0600",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E8B18CF-58CF-48C8-A4AE-F6922E215E5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1650_super:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD84C049-7F87-4C92-9FCB-7BD7382E25E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1660:-:*:*:*:*:*:*:*",
"matchCriteriaId": "573887F7-E422-48AA-8205-56166D81536C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1660_super:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA37A3BB-35DF-4863-9A95-29B631587DB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_1660_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3913E75-6B38-498F-9C6A-A4A8B752D5BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_645:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C519FF2F-0AE9-4290-8115-F60EB9B830C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D0E7C6F-C42F-40E1-9DF1-2ED17938DCC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_650_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A978D1E-BD96-4534-83FE-434F0157AB54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_650_ti_boost:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FCD9648-DA33-4F4F-9AC7-7FB826205729",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_660:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89B38FD5-B548-4BF7-8E35-37701320569C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_660_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AD0960F-EBEF-4876-8DC6-7B42B799105F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4A4F5E65-0E6F-47FD-8E5B-D00D5F82D467",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_680:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07F9F2F5-AE1B-4BE5-8D6B-D16967A208F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_690:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8416729C-0339-4B1C-99AC-C132D45744C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_745:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E733A3A-347E-4147-89AE-9EEC9B4DB787",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDC42D37-5DDE-4545-A4B9-7701749C0982",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_750_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F2F1B32-CFEE-4417-843D-880302E4D6FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_760:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5176FD7-C3F6-4642-831C-1FE33D3E3B35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_760_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F61534DC-EA6D-42E8-9AE5-AE6420906318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_770:-:*:*:*:*:*:*:*",
"matchCriteriaId": "530C2C04-A37D-442C-BB0E-BEA01864D73C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_780:-:*:*:*:*:*:*:*",
"matchCriteriaId": "22A5378C-2395-4D23-BD06-0995C5637857",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_780_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D651C50E-63D1-4FC6-8EEA-095E17A1342A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_950:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52379F40-A0B8-404F-8187-26D085F3568A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_960:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29D0D308-1A59-4D8C-930C-2B480E718FB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_970:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B957ED4F-2A0E-4E6E-AF06-CC09722A4008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_980:-:*:*:*:*:*:*:*",
"matchCriteriaId": "280BE7CC-3E8C-4630-BDA3-CFC409C2E5A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_gtx_titan_x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A7ED258-77DC-45FA-B6AE-B9310049ECDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_rtx_2060:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5743279-2E97-4D92-A43B-732B9AE0979C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_rtx_2060_super:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A54F1D17-30C3-4912-858B-B656AE636C58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_rtx_2070:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9472E1FC-B22D-437B-A62E-9476A903F2BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_rtx_2070_super:-:*:*:*:*:*:*:*",
"matchCriteriaId": "483E83C0-FD09-4473-8036-A2E1C362A2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_rtx_2080:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88DEB01F-0C63-4EA1-878A-2DC9701DAA41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_rtx_2080_super:-:*:*:*:*:*:*:*",
"matchCriteriaId": "633AB383-A5D6-4F0F-A973-FE777117A856",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:geforce_rtx_2080_ti:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0BF0DE98-5862-4738-A8D5-06C9599B5317",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:gtx_titan:-:*:*:*:*:*:*:*",
"matchCriteriaId": "114895F2-AE45-4A46-BCFF-FD7C2573D88B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:gtx_titan_black:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4A83155-9EA1-4F67-803F-3F8F692C6729",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:gtx_titan_z:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FED1874A-9E4B-4725-A130-6CA872D491CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0E081CB-B6EC-42DC-BA04-BCA13C17D190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F92D471-8E65-41FC-A5DE-255136F6F989",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E29459F7-997A-4B87-9164-6E3B5158ADC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_nano:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B2B041F-21A8-4F0B-BBAF-7CDD8B911547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_nano:-:*:-:*:*:*:*:*",
"matchCriteriaId": "9244F123-8518-4D81-AD26-5695F27F413B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_nano:-:*:developer_kit:*:*:*:*:*",
"matchCriteriaId": "80BF53A0-8FDF-4827-9C00-ED082C4A68C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86D1FDAD-C594-43D9-9BF6-F7461177AB91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71994F94-5279-4107-99F5-48990AE0C686",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64C3FB58-08AA-4FE4-97BE-21B254BA229F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DF55ABB-1B4F-452E-9D84-C01A638F88A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0AA5976-FD71-4A53-BD4F-D342E871FEB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:developer_kit:*:*:*:*:*",
"matchCriteriaId": "3E54B955-F0E2-44BD-9B8C-3C788BBCF2A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:production:*:*:*:*:*",
"matchCriteriaId": "3E0C93C3-26F6-48E4-BADA-4DB05A7BA9D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:nvidia_hgx-2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D697CF9-CBAE-4E29-AA3C-50FEDEB4F20E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:nvidia_t1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "284CDDF2-12D5-4A35-9A1F-496E9112F798",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:nvidia_t2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98CD730F-BBB7-4EE0-93B5-88555B9494B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:nvidia_t4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1292795D-A6ED-40D6-BE2D-D396909C5D59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:nvidia_t400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80AA0372-BA25-4C5E-B464-13AB660D1D98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:nvidia_t600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6A7C069-DE2C-4390-8B2C-8A3175D692F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_gv100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A30CCD00-60D7-42B5-B88C-AF2BD81B796F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3896B47E-8787-45D2-96B3-BF4892780F35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1E9293F-C51A-40B0-9461-83A31366C8C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "316C9573-7C7D-4429-8563-B74FD752AC51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FEC13EF-BB2F-4ED2-BC8B-8234ABAEEE02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m2200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E607C924-1682-4348-B6BF-31912E3A3D13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5E13B65-F61B-44D4-B1D7-1E96D9CB45BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76ABA317-6621-4D57-874F-307451EC9C2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "477D72B5-A3EA-440A-B495-8A09E8564E8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B507EE-F005-4806-A8FC-8C8D9A31B0DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAD67DC6-AA36-4F93-B8DB-77EB8C153BCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E707A80B-6482-47DD-8BF3-6E58BC2C697A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m520:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F5E94B4-0DF1-4F79-87A0-C90A6131091B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E8D2AC7-DC75-4BBA-BF4E-58BF88B49B11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED233BC3-6982-41E1-9205-5159C17A4A56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C186F38-89C7-4616-A424-201804F842C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_m620:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB2D3A4D-0C03-402F-BB8A-2DE5AE14FDA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFB1F23E-99C5-4FBC-9E9C-8AD8A05AE8C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05069DB9-7DD0-4FF1-8D98-8DC3A0B2AF77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p2200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02BC9134-0188-4F79-BAB6-77409617D752",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC64DC02-91A7-4E10-9023-6932A4A14D77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p3200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C91BB45E-C2BF-4B48-892B-82EF5710AA7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E7CC54F-15FE-4ED8-AA5D-900AAFFAEEC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FBB9DDD-963E-4B10-B0BC-99588C82969F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CECB5A97-0088-4ACD-9A9C-964D4C3DE699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E57FD81-AC93-49BE-B0E1-FB5699CE7A52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCDC421C-3B8F-4EAA-A2D4-14C14CD7F3DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p520:-:*:*:*:*:*:*:*",
"matchCriteriaId": "453E0F78-7B35-42B2-B5FA-43ACE9F7602A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p5200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "004D6C59-E6C9-4E0E-BBA8-8E3AD0F0BC1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC5FA1F3-5D7E-4085-B5D3-D86CF5A6E412",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60176B23-2751-4415-A0D3-DF1BE640F6C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_p620:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F9219FD-849D-4A0A-97F0-85492B4B2189",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_rtx_3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F4AB1BC-2B82-4C12-96B0-B269462032B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_rtx_4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "323643CB-D03C-47D1-9FAF-0A5C0777DF61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_rtx_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A5175F77-1E61-4296-AFDD-F00D1C0B5560",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_rtx_6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F06F4994-5EDF-4652-B673-4F90907994DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_rtx_8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66216B9A-F79D-4681-BBC4-6F5D80A3E5EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_t1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33D439F5-86EC-47FC-826A-229C028EB149",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_t2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD476101-4981-46F9-9898-717701C0CAE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_t400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85351FD4-28CD-4392-B154-90E4DE270F7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:quadro_t600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "109B8099-C1AD-4695-877A-13B4301FEBB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:shield_tv:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49F85C44-6B7E-4B7C-AC8D-9D5727DFA0B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:shield_tv_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76300BC2-B496-4B4D-979B-6C56F590449A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_m10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "343850DA-E975-467A-99A2-852E24135DD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_m4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C459A6-EE1D-482F-BC23-866836870512",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_m40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A6DDBF7C-C346-4515-AD0D-922E7E2F09E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_m6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E92C2C2-1CF7-4531-B431-D67BF6049635",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_m60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44B63168-6671-4D31-A984-B0A0F71CB799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_p100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6299665D-182A-4F2C-B451-1103B943CAE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_p4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDCAD45A-986C-42AE-80F6-728E9427187C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_p40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4D9D634-1F0C-49A7-B680-24423CA6468E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_p6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "656DD5D8-A9DC-4A18-A444-C1D73580C6E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_v100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2CC382C-4F8D-471B-B525-DE28D60E14EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:tesla_v100s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5E8719D-831E-4703-9989-A33782F4FFBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:titan_rtx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C494A0AF-5DBF-47BE-8156-3CB876BAE779",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:titan_v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8751F9FE-920A-4438-B0E3-F6F493B1B72C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FABA79A-A70A-40A5-ADA7-893EAB42FE9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nvidia:titan_xp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0C9A97E1-2F0F-495D-97E8-0538AAC066EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to gain access to information from unscrubbed registers, which may lead to information disclosure."
},
{
"lang": "es",
"value": "La GPU NVIDIA y el hardware Tegra contienen una vulnerabilidad en el microcontrolador interno que puede permitir a un usuario con altos privilegios acceder a informaci\u00f3n de registros no depurados, que puede conllevar a una divulgaci\u00f3n de informaci\u00f3n"
}
],
"id": "CVE-2021-34399",
"lastModified": "2024-11-21T06:10:19.100",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.5,
"impactScore": 3.6,
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-11-20T15:15:07.983",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-12-30 23:15
Modified
2024-11-21 07:24
Severity ?
7.9 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N
7.9 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N
7.9 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N
Summary
NVIDIA Trusted OS contains a vulnerability in an SMC call handler, where failure to validate untrusted input may allow a highly privileged local attacker to cause information disclosure and compromise integrity. The scope of the impact can extend to other components.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C65BE02-61B8-4A4D-84A8-52BCA6895C34",
"versionEndExcluding": "32.7.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DD3D2AA-2A9F-470D-BB0F-A7B7C2EC2490",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0E081CB-B6EC-42DC-BA04-BCA13C17D190",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F92D471-8E65-41FC-A5DE-255136F6F989",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_64gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B51F666B-F3ED-4CF3-B48E-B39BDE1C2579",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E29459F7-997A-4B87-9164-6E3B5158ADC3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_industrial:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C7C6B22-EBD3-4465-9852-4A4844AA714A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86D1FDAD-C594-43D9-9BF6-F7461177AB91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71994F94-5279-4107-99F5-48990AE0C686",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64C3FB58-08AA-4FE4-97BE-21B254BA229F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DF55ABB-1B4F-452E-9D84-C01A638F88A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0AA5976-FD71-4A53-BD4F-D342E871FEB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx_16gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A36028A3-EE83-4158-9039-5C6C795FA048",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA Trusted OS contains a vulnerability in an SMC call handler, where failure to validate untrusted input may allow a highly privileged local attacker to cause information disclosure and compromise integrity. The scope of the impact can extend to other components."
},
{
"lang": "es",
"value": "NVIDIA Trusted OS contiene una vulnerabilidad en un controlador de llamadas SMC, donde no validar entradas que no son de confianza puede permitir que un atacante local con privilegios elevados provoque la divulgaci\u00f3n de informaci\u00f3n y comprometa la integridad. El alcance del impacto puede extenderse a otros componentes."
}
],
"id": "CVE-2022-42269",
"lastModified": "2024-11-21T07:24:37.670",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.9,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.5,
"impactScore": 5.8,
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.9,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.5,
"impactScore": 5.8,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-12-30T23:15:11.750",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5417"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5417"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-22 22:15
Modified
2024-11-21 06:10
Severity ?
1.9 (Low) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L
2.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
2.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
Summary
Bootloader contains a vulnerability in NVIDIA MB2, which may cause free-the-wrong-heap, which may lead to limited denial of service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_linux | * | |
| nvidia | jetson_agx_xavier_16gb | - | |
| nvidia | jetson_agx_xavier_32gb | - | |
| nvidia | jetson_agx_xavier_8gb | - | |
| nvidia | jetson_tx2 | - | |
| nvidia | jetson_tx2_4gb | - | |
| nvidia | jetson_tx2_nx | - | |
| nvidia | jetson_tx2i | - | |
| nvidia | jetson_xavier_nx | - | |
| nvidia | jetson_xavier_nx | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8941F71-0292-414E-AEA5-DD55EA3C2009",
"versionEndExcluding": "32.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0E081CB-B6EC-42DC-BA04-BCA13C17D190",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F92D471-8E65-41FC-A5DE-255136F6F989",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E29459F7-997A-4B87-9164-6E3B5158ADC3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71994F94-5279-4107-99F5-48990AE0C686",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64C3FB58-08AA-4FE4-97BE-21B254BA229F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DF55ABB-1B4F-452E-9D84-C01A638F88A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:developer_kit:*:*:*:*:*",
"matchCriteriaId": "3E54B955-F0E2-44BD-9B8C-3C788BBCF2A9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:production:*:*:*:*:*",
"matchCriteriaId": "3E0C93C3-26F6-48E4-BADA-4DB05A7BA9D1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Bootloader contains a vulnerability in NVIDIA MB2, which may cause free-the-wrong-heap, which may lead to limited denial of service."
},
{
"lang": "es",
"value": "El cargador de arranque contiene una vulnerabilidad en NVIDIA MB2, que puede causar un fallo de tipo free-the-wrong-heap, lo que podr\u00eda conllevar a una denegaci\u00f3n de servicio limitada"
}
],
"id": "CVE-2021-34397",
"lastModified": "2024-11-21T06:10:18.840",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 1.9,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 0.5,
"impactScore": 1.4,
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 2.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-22T22:15:09.457",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-11 22:15
Modified
2024-11-21 05:43
Severity ?
7.3 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H
7.3 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H
7.3 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H
Summary
NVIDIA Linux kernel distributions contain a vulnerability in FuSa Capture (VI/ISP), where integer underflow due to lack of input validation may lead to complete denial of service, partial integrity, and serious confidentiality loss for all processes in the system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_linux | * | |
| nvidia | jetson_agx_xavier | - | |
| nvidia | jetson_nano | - | |
| nvidia | jetson_nano_2gb | - | |
| nvidia | jetson_tx1 | - | |
| nvidia | jetson_tx2 | - | |
| nvidia | jetson_tx2_nx | - | |
| nvidia | jetson_xavier_nx | - | |
| nvidia | shield_experience | * | |
| nvidia | shield_tv | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9E69A431-2B5A-4718-BCD2-CA2D1077641B",
"versionEndExcluding": "32.6.1",
"versionStartIncluding": "32.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DD3D2AA-2A9F-470D-BB0F-A7B7C2EC2490",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_nano:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B2B041F-21A8-4F0B-BBAF-7CDD8B911547",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_nano_2gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52E153CA-BE89-4C66-8B72-8901BF592423",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86D1FDAD-C594-43D9-9BF6-F7461177AB91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64C3FB58-08AA-4FE4-97BE-21B254BA229F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0AA5976-FD71-4A53-BD4F-D342E871FEB0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:shield_experience:*:*:*:*:*:*:*:*",
"matchCriteriaId": "71B40848-51B9-47D6-83D9-B45EDBA785DA",
"versionEndExcluding": "9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:shield_tv:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49F85C44-6B7E-4B7C-AC8D-9D5727DFA0B8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA Linux kernel distributions contain a vulnerability in FuSa Capture (VI/ISP), where integer underflow due to lack of input validation may lead to complete denial of service, partial integrity, and serious confidentiality loss for all processes in the system."
},
{
"lang": "es",
"value": "Las distribuciones del kernel de Linux de NVIDIA contienen una vulnerabilidad en FuSa Capture (VI/ISP), en la que un desbordamiento de enteros debido a la falta de comprobaci\u00f3n de entrada puede conllevar a una denegaci\u00f3n de servicio completa, una integridad parcial y una grave p\u00e9rdida de confidencialidad para todos los procesos del sistema"
}
],
"id": "CVE-2021-1108",
"lastModified": "2024-11-21T05:43:36.800",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.5,
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-11T22:15:08.127",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216"
},
{
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5259"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5259"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-191"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-21 22:15
Modified
2024-11-21 06:10
Severity ?
5.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
5.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
5.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
Summary
Trusty contains a vulnerability in NVIDIA OTE protocol message parsing code, which is present in all the TAs. An incorrect bounds check can allow a local user through a malicious client to access memory from the heap in the TrustZone, which may lead to information disclosure.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_linux | * | |
| nvidia | jetson_agx_xavier_16gb | - | |
| nvidia | jetson_agx_xavier_32gb | - | |
| nvidia | jetson_agx_xavier_8gb | - | |
| nvidia | jetson_tx2 | - | |
| nvidia | jetson_tx2_4gb | - | |
| nvidia | jetson_tx2_nx | - | |
| nvidia | jetson_tx2i | - | |
| nvidia | jetson_xavier_nx | - | |
| nvidia | jetson_xavier_nx | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8941F71-0292-414E-AEA5-DD55EA3C2009",
"versionEndExcluding": "32.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0E081CB-B6EC-42DC-BA04-BCA13C17D190",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F92D471-8E65-41FC-A5DE-255136F6F989",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E29459F7-997A-4B87-9164-6E3B5158ADC3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71994F94-5279-4107-99F5-48990AE0C686",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64C3FB58-08AA-4FE4-97BE-21B254BA229F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DF55ABB-1B4F-452E-9D84-C01A638F88A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:developer_kit:*:*:*:*:*",
"matchCriteriaId": "3E54B955-F0E2-44BD-9B8C-3C788BBCF2A9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:production:*:*:*:*:*",
"matchCriteriaId": "3E0C93C3-26F6-48E4-BADA-4DB05A7BA9D1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Trusty contains a vulnerability in NVIDIA OTE protocol message parsing code, which is present in all the TAs. An incorrect bounds check can allow a local user through a malicious client to access memory from the heap in the TrustZone, which may lead to information disclosure."
},
{
"lang": "es",
"value": "Trusty contiene una vulnerabilidad en el c\u00f3digo de an\u00e1lisis de mensajes del protocolo NVIDIA OTE, que est\u00e1 presente en todas las TA. Una comprobaci\u00f3n de l\u00edmites incorrecta puede permitir a un usuario local, a trav\u00e9s de un cliente malicioso, acceder a la memoria de la pila de la TrustZone, lo que puede conducir a la divulgaci\u00f3n de informaci\u00f3n"
}
],
"id": "CVE-2021-34389",
"lastModified": "2024-11-21T06:10:17.770",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.3,
"impactScore": 3.6,
"source": "psirt@nvidia.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.3,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-21T22:15:07.833",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-401"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2021-34399
Vulnerability from cvelistv5
Published
2021-11-20 14:55
Modified
2024-08-04 00:12
Severity ?
EPSS score ?
Summary
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to gain access to information from unscrubbed registers, which may lead to information disclosure.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5263 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | NVIDIA | NVIDIA GPU and Tegra hardware |
Version: Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:12:49.877Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NVIDIA GPU and Tegra hardware",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to gain access to information from unscrubbed registers, which may lead to information disclosure."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE 226: Sensitive Information in Resource Not Removed Before Reuse",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-20T14:55:25",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"ID": "CVE-2021-34399",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NVIDIA GPU and Tegra hardware",
"version": {
"version_data": [
{
"version_value": "Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier"
}
]
}
}
]
},
"vendor_name": "NVIDIA"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to gain access to information from unscrubbed registers, which may lead to information disclosure."
}
]
},
"impact": {
"cvss": {
"baseScore": 4.1,
"baseSeverity": "Medium",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE 226: Sensitive Information in Resource Not Removed Before Reuse"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263",
"refsource": "CONFIRM",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2021-34399",
"datePublished": "2021-11-20T14:55:25",
"dateReserved": "2021-06-09T00:00:00",
"dateUpdated": "2024-08-04T00:12:49.877Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-34384
Vulnerability from cvelistv5
Published
2021-06-30 10:24
Modified
2024-08-04 00:12
Severity ?
EPSS score ?
Summary
Bootloader contains a vulnerability in NVIDIA MB2 where a potential heap overflow could cause memory corruption, which might lead to denial of service or code execution.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5205 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | NVIDIA | NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX |
Version: All Jetson Linux versions prior to r32.5.1 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:12:49.913Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All Jetson Linux versions prior to r32.5.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Bootloader contains a vulnerability in NVIDIA MB2 where a potential heap overflow could cause memory corruption, which might lead to denial of service or code execution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure, escalation of privileges, denial of service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-30T10:24:37",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"ID": "CVE-2021-34384",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX",
"version": {
"version_data": [
{
"version_value": "All Jetson Linux versions prior to r32.5.1"
}
]
}
}
]
},
"vendor_name": "NVIDIA"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Bootloader contains a vulnerability in NVIDIA MB2 where a potential heap overflow could cause memory corruption, which might lead to denial of service or code execution."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "information disclosure, escalation of privileges, denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205",
"refsource": "CONFIRM",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2021-34384",
"datePublished": "2021-06-30T10:24:37",
"dateReserved": "2021-06-09T00:00:00",
"dateUpdated": "2024-08-04T00:12:49.913Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-1088
Vulnerability from cvelistv5
Published
2021-11-20 14:55
Modified
2024-08-03 15:55
Severity ?
EPSS score ?
Summary
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to utilize debug mechanisms with insufficient access control, which may lead to information disclosure.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5263 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | NVIDIA | NVIDIA GPU and Tegra hardware |
Version: Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:55:18.682Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NVIDIA GPU and Tegra hardware",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to utilize debug mechanisms with insufficient access control, which may lead to information disclosure."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE 200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-20T14:55:17",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"ID": "CVE-2021-1088",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NVIDIA GPU and Tegra hardware",
"version": {
"version_data": [
{
"version_value": "Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier"
}
]
}
}
]
},
"vendor_name": "NVIDIA"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to utilize debug mechanisms with insufficient access control, which may lead to information disclosure."
}
]
},
"impact": {
"cvss": {
"baseScore": 4.1,
"baseSeverity": "Medium",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE 200: Exposure of Sensitive Information to an Unauthorized Actor"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263",
"refsource": "CONFIRM",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2021-1088",
"datePublished": "2021-11-20T14:55:17",
"dateReserved": "2020-11-12T00:00:00",
"dateUpdated": "2024-08-03T15:55:18.682Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-34374
Vulnerability from cvelistv5
Published
2021-06-30 10:24
Modified
2024-08-04 00:12
Severity ?
EPSS score ?
Summary
Trusty contains a vulnerability in command handlers where the length of input buffers is not verified. This vulnerability can cause memory corruption, which may lead to information disclosure, escalation of privileges, and denial of service.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5205 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | NVIDIA | NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX |
Version: All Jetson Linux versions prior to r32.5.1 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:12:48.697Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All Jetson Linux versions prior to r32.5.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Trusty contains a vulnerability in command handlers where the length of input buffers is not verified. This vulnerability can cause memory corruption, which may lead to information disclosure, escalation of privileges, and denial of service."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure, escalation of privileges, denial of service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-30T10:24:28",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"ID": "CVE-2021-34374",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX",
"version": {
"version_data": [
{
"version_value": "All Jetson Linux versions prior to r32.5.1"
}
]
}
}
]
},
"vendor_name": "NVIDIA"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Trusty contains a vulnerability in command handlers where the length of input buffers is not verified. This vulnerability can cause memory corruption, which may lead to information disclosure, escalation of privileges, and denial of service."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "information disclosure, escalation of privileges, denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205",
"refsource": "CONFIRM",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2021-34374",
"datePublished": "2021-06-30T10:24:28",
"dateReserved": "2021-06-09T00:00:00",
"dateUpdated": "2024-08-04T00:12:48.697Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-42269
Vulnerability from cvelistv5
Published
2022-12-30 00:00
Modified
2024-08-03 13:03
Severity ?
EPSS score ?
Summary
NVIDIA Trusted OS contains a vulnerability in an SMC call handler, where failure to validate untrusted input may allow a highly privileged local attacker to cause information disclosure and compromise integrity. The scope of the impact can extend to other components.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | NVIDIA | Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX1, Jetson TX2 series, Jetson TX2 NX |
Version: All versions prior to 32.7.2 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T13:03:45.939Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5417"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX1, Jetson TX2 series, Jetson TX2 NX",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions prior to 32.7.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA Trusted OS contains a vulnerability in an SMC call handler, where failure to validate untrusted input may allow a highly privileged local attacker to cause information disclosure and compromise integrity. The scope of the impact can extend to other components."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.9,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-30T00:00:00",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5417"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2022-42269",
"datePublished": "2022-12-30T00:00:00",
"dateReserved": "2022-10-03T00:00:00",
"dateUpdated": "2024-08-03T13:03:45.939Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-1109
Vulnerability from cvelistv5
Published
2021-08-11 21:33
Modified
2024-08-03 15:55
Severity ?
EPSS score ?
Summary
NVIDIA camera firmware contains a multistep, timing-related vulnerability where an unauthorized modification by camera resources may result in loss of data integrity or denial of service across several streams.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5216 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | NVIDIA | Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson Nano, Jetson Nano 2GB, Jetson TX1. |
Version: All Jetson Linux versions prior to r32.6.1 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:55:18.681Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson Nano, Jetson Nano 2GB, Jetson TX1.",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All Jetson Linux versions prior to r32.6.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA camera firmware contains a multistep, timing-related vulnerability where an unauthorized modification by camera resources may result in loss of data integrity or denial of service across several streams."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "data integrity, denial of service.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-11T21:33:02",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"ID": "CVE-2021-1109",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson Nano, Jetson Nano 2GB, Jetson TX1.",
"version": {
"version_data": [
{
"version_value": "All Jetson Linux versions prior to r32.6.1"
}
]
}
}
]
},
"vendor_name": "NVIDIA"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NVIDIA camera firmware contains a multistep, timing-related vulnerability where an unauthorized modification by camera resources may result in loss of data integrity or denial of service across several streams."
}
]
},
"impact": {
"cvss": {
"baseScore": 7.2,
"baseSeverity": "High",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "data integrity, denial of service."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216",
"refsource": "MISC",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2021-1109",
"datePublished": "2021-08-11T21:33:02",
"dateReserved": "2020-11-12T00:00:00",
"dateUpdated": "2024-08-03T15:55:18.681Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-25520
Vulnerability from cvelistv5
Published
2023-06-23 17:23
Modified
2024-11-07 19:07
Severity ?
EPSS score ?
Summary
NVIDIA Jetson Linux Driver Package contains a vulnerability in nvbootctrl, where a privileged local attacker can configure invalid settings, resulting in denial of service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | NVIDIA | Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX |
Version: All versions prior to 32.7.4 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:25:18.628Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5466"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-25520",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T19:06:32.753683Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T19:07:37.748Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions prior to 32.7.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNVIDIA Jetson Linux Driver Package contains a vulnerability in \u003c/span\u003e\u003ccode\u003envbootctrl\u003c/code\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e, where a privileged local attacker can configure invalid settings, resulting in denial of service.\u003c/span\u003e\n\n"
}
],
"value": "\nNVIDIA Jetson Linux Driver Package contains a vulnerability in nvbootctrl, where a privileged local attacker can configure invalid settings, resulting in denial of service.\n\n"
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-23T17:23:21.837Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5466"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2023-25520",
"datePublished": "2023-06-23T17:23:21.837Z",
"dateReserved": "2023-02-07T02:57:17.086Z",
"dateUpdated": "2024-11-07T19:07:37.748Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-34397
Vulnerability from cvelistv5
Published
2021-06-22 21:25
Modified
2024-08-04 00:12
Severity ?
EPSS score ?
Summary
Bootloader contains a vulnerability in NVIDIA MB2, which may cause free-the-wrong-heap, which may lead to limited denial of service.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5205 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | NVIDIA | NVIDIA Jetson TX2 series, TX2 NX, AGX Xavier series, Xavier NX |
Version: All Jetson Linux versions prior to r32.5.1 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:12:49.915Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NVIDIA Jetson TX2 series, TX2 NX, AGX Xavier series, Xavier NX",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All Jetson Linux versions prior to r32.5.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Bootloader contains a vulnerability in NVIDIA MB2, which may cause free-the-wrong-heap, which may lead to limited denial of service."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 1.9,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "denial of service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-22T21:25:33",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"ID": "CVE-2021-34397",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NVIDIA Jetson TX2 series, TX2 NX, AGX Xavier series, Xavier NX",
"version": {
"version_data": [
{
"version_value": "All Jetson Linux versions prior to r32.5.1"
}
]
}
}
]
},
"vendor_name": "NVIDIA"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Bootloader contains a vulnerability in NVIDIA MB2, which may cause free-the-wrong-heap, which may lead to limited denial of service."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 1.9,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205",
"refsource": "CONFIRM",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2021-34397",
"datePublished": "2021-06-22T21:25:33",
"dateReserved": "2021-06-09T00:00:00",
"dateUpdated": "2024-08-04T00:12:49.915Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-34378
Vulnerability from cvelistv5
Published
2021-06-30 10:24
Modified
2024-08-04 00:12
Severity ?
EPSS score ?
Summary
Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 11 is missing. Improper restriction of operations within the bounds of a memory buffer might lead to information disclosure, denial of service, or escalation of privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5205 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | NVIDIA | NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX |
Version: All Jetson Linux versions prior to r32.5.1 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:12:50.370Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All Jetson Linux versions prior to r32.5.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 11 is missing. Improper restriction of operations within the bounds of a memory buffer might lead to information disclosure, denial of service, or escalation of privileges."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure, escalation of privileges, denial of service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-30T10:24:32",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"ID": "CVE-2021-34378",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX",
"version": {
"version_data": [
{
"version_value": "All Jetson Linux versions prior to r32.5.1"
}
]
}
}
]
},
"vendor_name": "NVIDIA"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 11 is missing. Improper restriction of operations within the bounds of a memory buffer might lead to information disclosure, denial of service, or escalation of privileges."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "information disclosure, escalation of privileges, denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205",
"refsource": "CONFIRM",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2021-34378",
"datePublished": "2021-06-30T10:24:32",
"dateReserved": "2021-06-09T00:00:00",
"dateUpdated": "2024-08-04T00:12:50.370Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-34389
Vulnerability from cvelistv5
Published
2021-06-21 21:35
Modified
2024-08-04 00:12
Severity ?
EPSS score ?
Summary
Trusty contains a vulnerability in NVIDIA OTE protocol message parsing code, which is present in all the TAs. An incorrect bounds check can allow a local user through a malicious client to access memory from the heap in the TrustZone, which may lead to information disclosure.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5205 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | NVIDIA | NVIDIA Jetson, TX2 series, TX2 NX, AGX Xavier series, Xavier NX |
Version: All Jetson Linux versions prior to r32.5.1 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:12:50.025Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NVIDIA Jetson, TX2 series, TX2 NX, AGX Xavier series, Xavier NX",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All Jetson Linux versions prior to r32.5.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Trusty contains a vulnerability in NVIDIA OTE protocol message parsing code, which is present in all the TAs. An incorrect bounds check can allow a local user through a malicious client to access memory from the heap in the TrustZone, which may lead to information disclosure."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-16T22:50:44",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"ID": "CVE-2021-34389",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NVIDIA Jetson, TX2 series, TX2 NX, AGX Xavier series, Xavier NX",
"version": {
"version_data": [
{
"version_value": "All Jetson Linux versions prior to r32.5.1"
}
]
}
}
]
},
"vendor_name": "NVIDIA"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Trusty contains a vulnerability in NVIDIA OTE protocol message parsing code, which is present in all the TAs. An incorrect bounds check can allow a local user through a malicious client to access memory from the heap in the TrustZone, which may lead to information disclosure."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205",
"refsource": "CONFIRM",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2021-34389",
"datePublished": "2021-06-21T21:35:19",
"dateReserved": "2021-06-09T00:00:00",
"dateUpdated": "2024-08-04T00:12:50.025Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-34376
Vulnerability from cvelistv5
Published
2021-06-30 10:24
Modified
2024-08-04 00:12
Severity ?
EPSS score ?
Summary
Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 5 is missing. Improper restriction of operations within the bounds of a memory buffer might lead to denial of service, escalation of privileges, and information disclosure.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5205 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | NVIDIA | NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX |
Version: All Jetson Linux versions prior to r32.5.1 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:12:49.998Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All Jetson Linux versions prior to r32.5.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 5 is missing. Improper restriction of operations within the bounds of a memory buffer might lead to denial of service, escalation of privileges, and information disclosure."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure, escalation of privileges, denial of service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-30T10:24:30",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"ID": "CVE-2021-34376",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX",
"version": {
"version_data": [
{
"version_value": "All Jetson Linux versions prior to r32.5.1"
}
]
}
}
]
},
"vendor_name": "NVIDIA"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 5 is missing. Improper restriction of operations within the bounds of a memory buffer might lead to denial of service, escalation of privileges, and information disclosure."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "information disclosure, escalation of privileges, denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205",
"refsource": "CONFIRM",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2021-34376",
"datePublished": "2021-06-30T10:24:30",
"dateReserved": "2021-06-09T00:00:00",
"dateUpdated": "2024-08-04T00:12:49.998Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-34380
Vulnerability from cvelistv5
Published
2021-06-30 10:24
Modified
2024-08-04 00:12
Severity ?
EPSS score ?
Summary
Bootloader contains a vulnerability in NVIDIA MB2 where potential heap overflow might cause corruption of the heap metadata, which might lead to arbitrary code execution, denial of service, and information disclosure during secure boot.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5205 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | NVIDIA | NVIDIA Jetson TX1, TX2 series, TX2 NX, AGX Xavier series, Xavier NX, Nano and Nano 2GB |
Version: All Jetson Linux versions prior to r32.5.1 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:12:50.375Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NVIDIA Jetson TX1, TX2 series, TX2 NX, AGX Xavier series, Xavier NX, Nano and Nano 2GB",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All Jetson Linux versions prior to r32.5.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Bootloader contains a vulnerability in NVIDIA MB2 where potential heap overflow might cause corruption of the heap metadata, which might lead to arbitrary code execution, denial of service, and information disclosure during secure boot."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure, escalation of privileges, denial of service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-30T10:24:34",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"ID": "CVE-2021-34380",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NVIDIA Jetson TX1, TX2 series, TX2 NX, AGX Xavier series, Xavier NX, Nano and Nano 2GB",
"version": {
"version_data": [
{
"version_value": "All Jetson Linux versions prior to r32.5.1"
}
]
}
}
]
},
"vendor_name": "NVIDIA"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Bootloader contains a vulnerability in NVIDIA MB2 where potential heap overflow might cause corruption of the heap metadata, which might lead to arbitrary code execution, denial of service, and information disclosure during secure boot."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "information disclosure, escalation of privileges, denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205",
"refsource": "CONFIRM",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2021-34380",
"datePublished": "2021-06-30T10:24:34",
"dateReserved": "2021-06-09T00:00:00",
"dateUpdated": "2024-08-04T00:12:50.375Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-1106
Vulnerability from cvelistv5
Published
2021-08-11 21:32
Modified
2024-08-03 15:55
Severity ?
EPSS score ?
Summary
NVIDIA Linux kernel distributions contain a vulnerability in nvmap, where writes may be allowed to read-only buffers, which may result in escalation of privileges, complete denial of service, unconstrained information disclosure, and serious data tampering of all processes on the system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5216 | x_refsource_MISC | |
| https://nvidia.custhelp.com/app/answers/detail/a_id/5259 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||
|---|---|---|---|---|---|---|---|
| ▼ | NVIDIA | Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson Nano, Jetson Nano 2GB, Jetson TX1 |
Version: All Jetson Linux versions prior to r32.6.1 |
||||
|
|||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:55:18.558Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5259"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson Nano, Jetson Nano 2GB, Jetson TX1",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All Jetson Linux versions prior to r32.6.1"
}
]
},
{
"product": "Shield TV",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions prior to SE 9.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA Linux kernel distributions contain a vulnerability in nvmap, where writes may be allowed to read-only buffers, which may result in escalation of privileges, complete denial of service, unconstrained information disclosure, and serious data tampering of all processes on the system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privileges, denial of service, information disclosure, and data tampering",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-19T16:56:07",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5259"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"ID": "CVE-2021-1106",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson Nano, Jetson Nano 2GB, Jetson TX1",
"version": {
"version_data": [
{
"version_value": "All Jetson Linux versions prior to r32.6.1"
}
]
}
},
{
"product_name": "Shield TV",
"version": {
"version_data": [
{
"version_value": "All versions prior to SE 9.0"
}
]
}
}
]
},
"vendor_name": "NVIDIA"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NVIDIA Linux kernel distributions contain a vulnerability in nvmap, where writes may be allowed to read-only buffers, which may result in escalation of privileges, complete denial of service, unconstrained information disclosure, and serious data tampering of all processes on the system."
}
]
},
"impact": {
"cvss": {
"baseScore": 7.8,
"baseSeverity": "High",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "escalation of privileges, denial of service, information disclosure, and data tampering"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216",
"refsource": "MISC",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216"
},
{
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5259",
"refsource": "MISC",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5259"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2021-1106",
"datePublished": "2021-08-11T21:32:58",
"dateReserved": "2020-11-12T00:00:00",
"dateUpdated": "2024-08-03T15:55:18.558Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-23219
Vulnerability from cvelistv5
Published
2021-11-20 14:55
Modified
2024-08-03 19:05
Severity ?
EPSS score ?
Summary
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller, which may allow a user with elevated privileges to access protected information by identifying, exploiting, and loading vulnerable microcode. Such an attack may lead to information disclosure.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5263 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | NVIDIA | NVIDIA GPU and Tegra hardware |
Version: Maxwell (except GM206), Tegra X1, Tegra X1+ |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:05:55.355Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NVIDIA GPU and Tegra hardware",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "Maxwell (except GM206), Tegra X1, Tegra X1+"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller, which may allow a user with elevated privileges to access protected information by identifying, exploiting, and loading vulnerable microcode. Such an attack may lead to information disclosure."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE 1190: DMA Device Enabled Too Early in Boot Phase",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-08T18:36:13",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"ID": "CVE-2021-23219",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NVIDIA GPU and Tegra hardware",
"version": {
"version_data": [
{
"version_value": "Maxwell (except GM206), Tegra X1, Tegra X1+"
}
]
}
}
]
},
"vendor_name": "NVIDIA"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller, which may allow a user with elevated privileges to access protected information by identifying, exploiting, and loading vulnerable microcode. Such an attack may lead to information disclosure."
}
]
},
"impact": {
"cvss": {
"baseScore": 4.1,
"baseSeverity": "Medium",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE 1190: DMA Device Enabled Too Early in Boot Phase"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263",
"refsource": "CONFIRM",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2021-23219",
"datePublished": "2021-11-20T14:55:24",
"dateReserved": "2021-02-09T00:00:00",
"dateUpdated": "2024-08-03T19:05:55.355Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-34388
Vulnerability from cvelistv5
Published
2021-06-21 21:35
Modified
2024-08-04 00:12
Severity ?
EPSS score ?
Summary
Bootloader contains a vulnerability in NVIDIA TegraBoot where a potential heap overflow might allow an attacker to control all the RAM after the heap block, leading to denial of service or code execution.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5205 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | NVIDIA | NVIDIA Jetson TX1, TX2 series, TX2 NX, AGX Xavier series, Xavier NX, Nano and Nano 2GB |
Version: All Jetson Linux versions prior to r32.5.1 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:12:49.987Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NVIDIA Jetson TX1, TX2 series, TX2 NX, AGX Xavier series, Xavier NX, Nano and Nano 2GB",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All Jetson Linux versions prior to r32.5.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Bootloader contains a vulnerability in NVIDIA TegraBoot where a potential heap overflow might allow an attacker to control all the RAM after the heap block, leading to denial of service or code execution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "code execution, denial of service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-30T10:14:55",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"ID": "CVE-2021-34388",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NVIDIA Jetson TX1, TX2 series, TX2 NX, AGX Xavier series, Xavier NX, Nano and Nano 2GB",
"version": {
"version_data": [
{
"version_value": "All Jetson Linux versions prior to r32.5.1"
}
]
}
}
]
},
"vendor_name": "NVIDIA"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Bootloader contains a vulnerability in NVIDIA TegraBoot where a potential heap overflow might allow an attacker to control all the RAM after the heap block, leading to denial of service or code execution."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "code execution, denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205",
"refsource": "CONFIRM",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2021-34388",
"datePublished": "2021-06-21T21:35:17",
"dateReserved": "2021-06-09T00:00:00",
"dateUpdated": "2024-08-04T00:12:49.987Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-1105
Vulnerability from cvelistv5
Published
2021-11-20 14:55
Modified
2024-08-03 15:55
Severity ?
EPSS score ?
Summary
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to access debug registers during runtime, which may lead to information disclosure.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5263 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | NVIDIA | NVIDIA GPU and Tegra hardware |
Version: Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:55:18.491Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NVIDIA GPU and Tegra hardware",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to access debug registers during runtime, which may lead to information disclosure."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE 1313: Hardware Allows Activation of Test or Debug Logic at Runtime",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-20T14:55:18",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"ID": "CVE-2021-1105",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NVIDIA GPU and Tegra hardware",
"version": {
"version_data": [
{
"version_value": "Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier"
}
]
}
}
]
},
"vendor_name": "NVIDIA"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to access debug registers during runtime, which may lead to information disclosure."
}
]
},
"impact": {
"cvss": {
"baseScore": 4.1,
"baseSeverity": "Medium",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE 1313: Hardware Allows Activation of Test or Debug Logic at Runtime"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263",
"refsource": "CONFIRM",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2021-1105",
"datePublished": "2021-11-20T14:55:19",
"dateReserved": "2020-11-12T00:00:00",
"dateUpdated": "2024-08-03T15:55:18.491Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-1114
Vulnerability from cvelistv5
Published
2021-08-11 21:33
Modified
2024-08-03 15:55
Severity ?
EPSS score ?
Summary
NVIDIA Linux kernel distributions contain a vulnerability in the kernel crypto node, where use after free may lead to complete denial of service.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5216 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | NVIDIA | NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX |
Version: All Jetson Linux versions prior to r32.6.1 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:55:18.530Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All Jetson Linux versions prior to r32.6.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA Linux kernel distributions contain a vulnerability in the kernel crypto node, where use after free may lead to complete denial of service."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use After Free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-24T15:57:12",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"ID": "CVE-2021-1114",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX",
"version": {
"version_data": [
{
"version_value": "All Jetson Linux versions prior to r32.6.1"
}
]
}
}
]
},
"vendor_name": "NVIDIA"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NVIDIA Linux kernel distributions contain a vulnerability in the kernel crypto node, where use after free may lead to complete denial of service."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216",
"refsource": "CONFIRM",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2021-1114",
"datePublished": "2021-08-11T21:33:07",
"dateReserved": "2020-11-12T00:00:00",
"dateUpdated": "2024-08-03T15:55:18.530Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-1125
Vulnerability from cvelistv5
Published
2021-11-20 14:55
Modified
2024-08-03 15:55
Severity ?
EPSS score ?
Summary
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to corrupt program data.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5263 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | NVIDIA | NVIDIA GPU and Tegra hardware |
Version: Maxwell, Pascal, Volta, Tegra X1, Tegra X1+, Tegra TX2, Xavier |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:55:18.660Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NVIDIA GPU and Tegra hardware",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "Maxwell, Pascal, Volta, Tegra X1, Tegra X1+, Tegra TX2, Xavier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to corrupt program data."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE 325: Missing Cryptographic Step",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-20T14:55:20",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"ID": "CVE-2021-1125",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NVIDIA GPU and Tegra hardware",
"version": {
"version_data": [
{
"version_value": "Maxwell, Pascal, Volta, Tegra X1, Tegra X1+, Tegra TX2, Xavier"
}
]
}
}
]
},
"vendor_name": "NVIDIA"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to corrupt program data."
}
]
},
"impact": {
"cvss": {
"baseScore": 4.1,
"baseSeverity": "Medium",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE 325: Missing Cryptographic Step"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263",
"refsource": "CONFIRM",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2021-1125",
"datePublished": "2021-11-20T14:55:20",
"dateReserved": "2020-11-12T00:00:00",
"dateUpdated": "2024-08-03T15:55:18.660Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-34394
Vulnerability from cvelistv5
Published
2021-06-22 21:25
Modified
2024-08-04 00:12
Severity ?
EPSS score ?
Summary
Trusty contains a vulnerability in the NVIDIA OTE protocol that is present in all TAs. An incorrect message stream deserialization allows an attacker to use the malicious CA that is run by the user to cause the buffer overflow, which may lead to information disclosure and data modification.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5205 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | NVIDIA | NVIDIA Jetson TX2 series, TX2 NX, AGX Xavier series, Xavier NX |
Version: All Jetson Linux versions prior to r32.5.1 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:12:50.176Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NVIDIA Jetson TX2 series, TX2 NX, AGX Xavier series, Xavier NX",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All Jetson Linux versions prior to r32.5.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Trusty contains a vulnerability in the NVIDIA OTE protocol that is present in all TAs. An incorrect message stream deserialization allows an attacker to use the malicious CA that is run by the user to cause the buffer overflow, which may lead to information disclosure and data modification."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "denial of service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-16T22:50:48",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"ID": "CVE-2021-34394",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NVIDIA Jetson TX2 series, TX2 NX, AGX Xavier series, Xavier NX",
"version": {
"version_data": [
{
"version_value": "All Jetson Linux versions prior to r32.5.1"
}
]
}
}
]
},
"vendor_name": "NVIDIA"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Trusty contains a vulnerability in the NVIDIA OTE protocol that is present in all TAs. An incorrect message stream deserialization allows an attacker to use the malicious CA that is run by the user to cause the buffer overflow, which may lead to information disclosure and data modification."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205",
"refsource": "CONFIRM",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2021-34394",
"datePublished": "2021-06-22T21:25:29",
"dateReserved": "2021-06-09T00:00:00",
"dateUpdated": "2024-08-04T00:12:50.176Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28196
Vulnerability from cvelistv5
Published
2022-04-27 17:57
Modified
2024-08-03 05:48
Severity ?
EPSS score ?
Summary
NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot blob_decompress function, where insufficient validation of untrusted data may allow a local attacker with elevated privileges to cause a memory buffer overflow, which may lead to code execution, limited loss of Integrity, and limited denial of service. The scope of impact can extend to other components.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5343 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | NVIDIA | Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 NX, Jetson TX2 series |
Version: All 32.x versions prior to 32.7.2 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:48:37.325Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5343"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 NX, Jetson TX2 series",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All 32.x versions prior to 32.7.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot blob_decompress function, where insufficient validation of untrusted data may allow a local attacker with elevated privileges to cause a memory buffer overflow, which may lead to code execution, limited loss of Integrity, and limited denial of service. The scope of impact can extend to other components."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-30T18:00:18",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5343"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"ID": "CVE-2022-28196",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 NX, Jetson TX2 series",
"version": {
"version_data": [
{
"version_value": "All 32.x versions prior to 32.7.2"
}
]
}
}
]
},
"vendor_name": "NVIDIA"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot blob_decompress function, where insufficient validation of untrusted data may allow a local attacker with elevated privileges to cause a memory buffer overflow, which may lead to code execution, limited loss of Integrity, and limited denial of service. The scope of impact can extend to other components."
}
]
},
"impact": {
"cvss": {
"baseScore": 4.6,
"baseSeverity": "Medium",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5343",
"refsource": "MISC",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5343"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2022-28196",
"datePublished": "2022-04-27T17:57:44",
"dateReserved": "2022-03-30T00:00:00",
"dateUpdated": "2024-08-03T05:48:37.325Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-34400
Vulnerability from cvelistv5
Published
2021-11-20 14:55
Modified
2024-08-04 00:12
Severity ?
EPSS score ?
Summary
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to gain access to information from unscrubbed memory, which may lead to information disclosure.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5263 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | NVIDIA | NVIDIA GPU and Tegra hardware |
Version: Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:12:49.808Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NVIDIA GPU and Tegra hardware",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to gain access to information from unscrubbed memory, which may lead to information disclosure."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE 226: Sensitive Information in Resource Not Removed Before Reuse",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-20T14:55:27",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"ID": "CVE-2021-34400",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NVIDIA GPU and Tegra hardware",
"version": {
"version_data": [
{
"version_value": "Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier"
}
]
}
}
]
},
"vendor_name": "NVIDIA"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to gain access to information from unscrubbed memory, which may lead to information disclosure."
}
]
},
"impact": {
"cvss": {
"baseScore": 4.1,
"baseSeverity": "Medium",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE 226: Sensitive Information in Resource Not Removed Before Reuse"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263",
"refsource": "CONFIRM",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2021-34400",
"datePublished": "2021-11-20T14:55:27",
"dateReserved": "2021-06-09T00:00:00",
"dateUpdated": "2024-08-04T00:12:49.808Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-1112
Vulnerability from cvelistv5
Published
2021-08-11 21:33
Modified
2024-08-03 15:55
Severity ?
EPSS score ?
Summary
NVIDIA Linux kernel distributions contain a vulnerability in nvmap, where a null pointer dereference may lead to complete denial of service.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5216 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | NVIDIA | Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson Nano, Jetson Nano 2GB, Jetson TX1 |
Version: All Jetson Linux versions prior to r32.6.1 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:55:18.681Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson Nano, Jetson Nano 2GB, Jetson TX1",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All Jetson Linux versions prior to r32.6.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA Linux kernel distributions contain a vulnerability in nvmap, where a null pointer dereference may lead to complete denial of service."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Null Pointer Dereference",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-24T15:57:08",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"ID": "CVE-2021-1112",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson Nano, Jetson Nano 2GB, Jetson TX1",
"version": {
"version_data": [
{
"version_value": "All Jetson Linux versions prior to r32.6.1"
}
]
}
}
]
},
"vendor_name": "NVIDIA"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NVIDIA Linux kernel distributions contain a vulnerability in nvmap, where a null pointer dereference may lead to complete denial of service."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Null Pointer Dereference"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216",
"refsource": "CONFIRM",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2021-1112",
"datePublished": "2021-08-11T21:33:05",
"dateReserved": "2020-11-12T00:00:00",
"dateUpdated": "2024-08-03T15:55:18.681Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-34372
Vulnerability from cvelistv5
Published
2021-06-22 21:25
Modified
2024-08-04 00:12
Severity ?
EPSS score ?
Summary
Trusty (the trusted OS produced by NVIDIA for Jetson devices) driver contains a vulnerability in the NVIDIA OTE protocol message parsing code where an integer overflow in a malloc() size calculation leads to a buffer overflow on the heap, which might result in information disclosure, escalation of privileges, and denial of service.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5205 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | NVIDIA | NVIDIA Jetson TX2 series, TX2 NX, AGX Xavier series, Xavier NX |
Version: All Jetson Linux versions prior to r32.5.1 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:12:49.639Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NVIDIA Jetson TX2 series, TX2 NX, AGX Xavier series, Xavier NX",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All Jetson Linux versions prior to r32.5.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Trusty (the trusted OS produced by NVIDIA for Jetson devices) driver contains a vulnerability in the NVIDIA OTE protocol message parsing code where an integer overflow in a malloc() size calculation leads to a buffer overflow on the heap, which might result in information disclosure, escalation of privileges, and denial of service."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure, escalation of privileges, denial of service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-22T21:25:21",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"ID": "CVE-2021-34372",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NVIDIA Jetson TX2 series, TX2 NX, AGX Xavier series, Xavier NX",
"version": {
"version_data": [
{
"version_value": "All Jetson Linux versions prior to r32.5.1"
}
]
}
}
]
},
"vendor_name": "NVIDIA"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Trusty (the trusted OS produced by NVIDIA for Jetson devices) driver contains a vulnerability in the NVIDIA OTE protocol message parsing code where an integer overflow in a malloc() size calculation leads to a buffer overflow on the heap, which might result in information disclosure, escalation of privileges, and denial of service."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "information disclosure, escalation of privileges, denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205",
"refsource": "CONFIRM",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2021-34372",
"datePublished": "2021-06-22T21:25:21",
"dateReserved": "2021-06-09T00:00:00",
"dateUpdated": "2024-08-04T00:12:49.639Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-34377
Vulnerability from cvelistv5
Published
2021-06-30 10:24
Modified
2024-08-04 00:12
Severity ?
EPSS score ?
Summary
Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 9 is missing. Improper restriction of operations within the bounds of a memory buffer might lead to escalation of privileges, information disclosure, and denial of service.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5205 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | NVIDIA | NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX |
Version: All Jetson Linux versions prior to r32.5.1 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:12:49.966Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All Jetson Linux versions prior to r32.5.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 9 is missing. Improper restriction of operations within the bounds of a memory buffer might lead to escalation of privileges, information disclosure, and denial of service."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure, escalation of privileges, denial of service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-30T10:24:31",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"ID": "CVE-2021-34377",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX",
"version": {
"version_data": [
{
"version_value": "All Jetson Linux versions prior to r32.5.1"
}
]
}
}
]
},
"vendor_name": "NVIDIA"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 9 is missing. Improper restriction of operations within the bounds of a memory buffer might lead to escalation of privileges, information disclosure, and denial of service."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "information disclosure, escalation of privileges, denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205",
"refsource": "CONFIRM",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2021-34377",
"datePublished": "2021-06-30T10:24:31",
"dateReserved": "2021-06-09T00:00:00",
"dateUpdated": "2024-08-04T00:12:49.966Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-1108
Vulnerability from cvelistv5
Published
2021-08-11 21:33
Modified
2024-08-03 15:55
Severity ?
EPSS score ?
Summary
NVIDIA Linux kernel distributions contain a vulnerability in FuSa Capture (VI/ISP), where integer underflow due to lack of input validation may lead to complete denial of service, partial integrity, and serious confidentiality loss for all processes in the system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5216 | x_refsource_MISC | |
| https://nvidia.custhelp.com/app/answers/detail/a_id/5259 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||
|---|---|---|---|---|---|---|---|
| ▼ | NVIDIA | Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson Nano, Jetson Nano 2GB, Jetson TX1 |
Version: All Jetson Linux versions prior to r32.6.1 |
||||
|
|||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:55:18.642Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5259"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson Nano, Jetson Nano 2GB, Jetson TX1",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All Jetson Linux versions prior to r32.6.1"
}
]
},
{
"product": "Shield TV",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All Shield TV versions prior to SE 9.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA Linux kernel distributions contain a vulnerability in FuSa Capture (VI/ISP), where integer underflow due to lack of input validation may lead to complete denial of service, partial integrity, and serious confidentiality loss for all processes in the system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "denial of service, partial integrity, and confidentiality loss",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-19T16:56:12",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5259"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"ID": "CVE-2021-1108",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson Nano, Jetson Nano 2GB, Jetson TX1",
"version": {
"version_data": [
{
"version_value": "All Jetson Linux versions prior to r32.6.1"
}
]
}
},
{
"product_name": "Shield TV",
"version": {
"version_data": [
{
"version_value": "All Shield TV versions prior to SE 9.0"
}
]
}
}
]
},
"vendor_name": "NVIDIA"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NVIDIA Linux kernel distributions contain a vulnerability in FuSa Capture (VI/ISP), where integer underflow due to lack of input validation may lead to complete denial of service, partial integrity, and serious confidentiality loss for all processes in the system."
}
]
},
"impact": {
"cvss": {
"baseScore": 7.3,
"baseSeverity": "High",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "denial of service, partial integrity, and confidentiality loss"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216",
"refsource": "MISC",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216"
},
{
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5259",
"refsource": "MISC",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5259"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2021-1108",
"datePublished": "2021-08-11T21:33:01",
"dateReserved": "2020-11-12T00:00:00",
"dateUpdated": "2024-08-03T15:55:18.642Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-34393
Vulnerability from cvelistv5
Published
2021-06-22 21:25
Modified
2024-08-04 00:12
Severity ?
EPSS score ?
Summary
Trusty contains a vulnerability in TSEC TA which deserializes the incoming messages even though the TSEC TA does not expose any command. This vulnerability might allow an attacker to exploit the deserializer to impact code execution, causing information disclosure.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5205 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | NVIDIA | NVIDIA Jetson TX2 series, TX2 NX, AGX Xavier series, Xavier NX |
Version: All Jetson Linux versions prior to r32.5.1 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:12:50.021Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NVIDIA Jetson TX2 series, TX2 NX, AGX Xavier series, Xavier NX",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All Jetson Linux versions prior to r32.5.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Trusty contains a vulnerability in TSEC TA which deserializes the incoming messages even though the TSEC TA does not expose any command. This vulnerability might allow an attacker to exploit the deserializer to impact code execution, causing information disclosure."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-22T21:25:27",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"ID": "CVE-2021-34393",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NVIDIA Jetson TX2 series, TX2 NX, AGX Xavier series, Xavier NX",
"version": {
"version_data": [
{
"version_value": "All Jetson Linux versions prior to r32.5.1"
}
]
}
}
]
},
"vendor_name": "NVIDIA"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Trusty contains a vulnerability in TSEC TA which deserializes the incoming messages even though the TSEC TA does not expose any command. This vulnerability might allow an attacker to exploit the deserializer to impact code execution, causing information disclosure."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205",
"refsource": "CONFIRM",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2021-34393",
"datePublished": "2021-06-22T21:25:27",
"dateReserved": "2021-06-09T00:00:00",
"dateUpdated": "2024-08-04T00:12:50.021Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-34396
Vulnerability from cvelistv5
Published
2021-06-22 21:25
Modified
2024-08-04 00:12
Severity ?
EPSS score ?
Summary
Bootloader contains a vulnerability in access permission settings where unauthorized software may be able to overwrite NVIDIA MB2 code, which would result in limited denial of service.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5205 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | NVIDIA | NVIDIA Jetson TX2 series, TX2 NX |
Version: All Jetson Linux versions prior to r32.5.1 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:12:50.016Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NVIDIA Jetson TX2 series, TX2 NX",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All Jetson Linux versions prior to r32.5.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Bootloader contains a vulnerability in access permission settings where unauthorized software may be able to overwrite NVIDIA MB2 code, which would result in limited denial of service."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "denial of service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-22T21:25:31",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"ID": "CVE-2021-34396",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NVIDIA Jetson TX2 series, TX2 NX",
"version": {
"version_data": [
{
"version_value": "All Jetson Linux versions prior to r32.5.1"
}
]
}
}
]
},
"vendor_name": "NVIDIA"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Bootloader contains a vulnerability in access permission settings where unauthorized software may be able to overwrite NVIDIA MB2 code, which would result in limited denial of service."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205",
"refsource": "CONFIRM",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2021-34396",
"datePublished": "2021-06-22T21:25:32",
"dateReserved": "2021-06-09T00:00:00",
"dateUpdated": "2024-08-04T00:12:50.016Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-34379
Vulnerability from cvelistv5
Published
2021-06-30 10:24
Modified
2024-08-04 00:12
Severity ?
EPSS score ?
Summary
Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 10 is missing. The length of an I/O buffer parameter is not checked, which might lead to memory corruption.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5205 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | NVIDIA | NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX |
Version: All Jetson Linux versions prior to r32.5.1 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:12:50.243Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All Jetson Linux versions prior to r32.5.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 10 is missing. The length of an I/O buffer parameter is not checked, which might lead to memory corruption."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure, escalation of privileges, denial of service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-30T10:24:33",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"ID": "CVE-2021-34379",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX",
"version": {
"version_data": [
{
"version_value": "All Jetson Linux versions prior to r32.5.1"
}
]
}
}
]
},
"vendor_name": "NVIDIA"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 10 is missing. The length of an I/O buffer parameter is not checked, which might lead to memory corruption."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "information disclosure, escalation of privileges, denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205",
"refsource": "CONFIRM",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2021-34379",
"datePublished": "2021-06-30T10:24:33",
"dateReserved": "2021-06-09T00:00:00",
"dateUpdated": "2024-08-04T00:12:50.243Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-1107
Vulnerability from cvelistv5
Published
2021-08-11 21:33
Modified
2024-08-03 15:55
Severity ?
EPSS score ?
Summary
NVIDIA Linux kernel distributions contain a vulnerability in nvmap NVMAP_IOC_WRITE* paths, where improper access controls may lead to code execution, complete denial of service, and seriously compromised integrity of all system components.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5216 | x_refsource_MISC | |
| https://nvidia.custhelp.com/app/answers/detail/a_id/5259 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||
|---|---|---|---|---|---|---|---|
| ▼ | NVIDIA | Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson Nano, Jetson Nano 2GB, Jetson TX1 |
Version: All Jetson Linux versions prior to r32.6.1 |
||||
|
|||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:55:18.683Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5259"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson Nano, Jetson Nano 2GB, Jetson TX1",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All Jetson Linux versions prior to r32.6.1"
}
]
},
{
"product": "Shield TV",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All Shield TV versions prior to SE 9.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA Linux kernel distributions contain a vulnerability in nvmap NVMAP_IOC_WRITE* paths, where improper access controls may lead to code execution, complete denial of service, and seriously compromised integrity of all system components."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "code execution, denial of service, loss of integrity",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-19T16:56:10",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5259"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"ID": "CVE-2021-1107",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson Nano, Jetson Nano 2GB, Jetson TX1",
"version": {
"version_data": [
{
"version_value": "All Jetson Linux versions prior to r32.6.1"
}
]
}
},
{
"product_name": "Shield TV",
"version": {
"version_data": [
{
"version_value": "All Shield TV versions prior to SE 9.0"
}
]
}
}
]
},
"vendor_name": "NVIDIA"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NVIDIA Linux kernel distributions contain a vulnerability in nvmap NVMAP_IOC_WRITE* paths, where improper access controls may lead to code execution, complete denial of service, and seriously compromised integrity of all system components."
}
]
},
"impact": {
"cvss": {
"baseScore": 7.8,
"baseSeverity": "High",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "code execution, denial of service, loss of integrity"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216",
"refsource": "MISC",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216"
},
{
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5259",
"refsource": "MISC",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5259"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2021-1107",
"datePublished": "2021-08-11T21:33:00",
"dateReserved": "2020-11-12T00:00:00",
"dateUpdated": "2024-08-03T15:55:18.683Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-1111
Vulnerability from cvelistv5
Published
2021-08-11 21:33
Modified
2024-08-03 15:55
Severity ?
EPSS score ?
Summary
Bootloader contains a vulnerability in the NV3P server where any user with physical access through USB can trigger an incorrect bounds check, which may lead to buffer overflow, resulting in limited information disclosure, limited data integrity, and denial of service across all components.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5216 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | NVIDIA | NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX |
Version: All Jetson Linux versions prior to r32.6.1 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:55:18.644Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All Jetson Linux versions prior to r32.6.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Bootloader contains a vulnerability in the NV3P server where any user with physical access through USB can trigger an incorrect bounds check, which may lead to buffer overflow, resulting in limited information disclosure, limited data integrity, and denial of service across all components."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-25T10:37:41",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"ID": "CVE-2021-1111",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX",
"version": {
"version_data": [
{
"version_value": "All Jetson Linux versions prior to r32.6.1"
}
]
}
}
]
},
"vendor_name": "NVIDIA"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Bootloader contains a vulnerability in the NV3P server where any user with physical access through USB can trigger an incorrect bounds check, which may lead to buffer overflow, resulting in limited information disclosure, limited data integrity, and denial of service across all components."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216",
"refsource": "CONFIRM",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2021-1111",
"datePublished": "2021-08-11T21:33:04",
"dateReserved": "2020-11-12T00:00:00",
"dateUpdated": "2024-08-03T15:55:18.644Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-1113
Vulnerability from cvelistv5
Published
2021-08-11 21:33
Modified
2024-08-03 15:55
Severity ?
EPSS score ?
Summary
NVIDIA camera firmware contains a difficult to exploit vulnerability where a highly privileged attacker can cause unauthorized modification to camera resources, which may result in complete denial of service and partial loss of data integrity for all clients.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5216 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | NVIDIA | Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson Nano, Jetson Nano 2GB, Jetson TX1 |
Version: All Jetson Linux versions prior to r32.6.1 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:55:18.645Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson Nano, Jetson Nano 2GB, Jetson TX1",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All Jetson Linux versions prior to r32.6.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA camera firmware contains a difficult to exploit vulnerability where a highly privileged attacker can cause unauthorized modification to camera resources, which may result in complete denial of service and partial loss of data integrity for all clients."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-22T17:30:26",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"ID": "CVE-2021-1113",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson Nano, Jetson Nano 2GB, Jetson TX1",
"version": {
"version_data": [
{
"version_value": "All Jetson Linux versions prior to r32.6.1"
}
]
}
}
]
},
"vendor_name": "NVIDIA"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NVIDIA camera firmware contains a difficult to exploit vulnerability where a highly privileged attacker can cause unauthorized modification to camera resources, which may result in complete denial of service and partial loss of data integrity for all clients."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284 Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216",
"refsource": "CONFIRM",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2021-1113",
"datePublished": "2021-08-11T21:33:06",
"dateReserved": "2020-11-12T00:00:00",
"dateUpdated": "2024-08-03T15:55:18.645Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-0108
Vulnerability from cvelistv5
Published
2024-08-08 16:18
Modified
2024-08-09 15:48
Severity ?
EPSS score ?
Summary
NVIDIA Jetson Linux contains a vulnerability in NvGPU where error handling paths in GPU MMU mapping code fail to clean up a failed mapping attempt. A successful exploit of this vulnerability may lead to denial of service, code execution, and escalation of privileges.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | NVIDIA | NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson TX1, Jetson Nano series |
Version: All versions prior to and including 32.7.4 |
|
|
|||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:nvidia:jetson_agx_xavier:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "jetson_agx_xavier",
"vendor": "nvidia",
"versions": [
{
"lessThanOrEqual": "32.7.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "jetson_xavier_nx",
"vendor": "nvidia",
"versions": [
{
"lessThanOrEqual": "32.7.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "jetson_tx2",
"vendor": "nvidia",
"versions": [
{
"lessThanOrEqual": "32.7.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "jetson_tx2_nx",
"vendor": "nvidia",
"versions": [
{
"lessThanOrEqual": "32.7.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "jetson_tx1",
"vendor": "nvidia",
"versions": [
{
"lessThanOrEqual": "32.7.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:nvidia:jetson_nano:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "jetson_nano",
"vendor": "nvidia",
"versions": [
{
"lessThanOrEqual": "32.7.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0108",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-09T15:37:53.668854Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-09T15:48:50.071Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Jetson Linux"
],
"product": "NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson TX1, Jetson Nano series",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All versions prior to and including 32.7.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNVIDIA Jetson Linux contains a vulnerability in NvGPU where error handling paths in GPU MMU mapping code fail to clean up a failed mapping attempt. A successful exploit of this vulnerability may lead to denial of service, code execution, and escalation of privileges.\u003c/span\u003e"
}
],
"value": "NVIDIA Jetson Linux contains a vulnerability in NvGPU where error handling paths in GPU MMU mapping code fail to clean up a failed mapping attempt. A successful exploit of this vulnerability may lead to denial of service, code execution, and escalation of privileges."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Denial of service, code execution, escalation of privileges"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-755",
"description": "CWE-755 Improper Handling of Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-08T16:18:27.914Z",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5555"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2024-0108",
"datePublished": "2024-08-08T16:18:27.914Z",
"dateReserved": "2023-12-02T00:42:18.437Z",
"dateUpdated": "2024-08-09T15:48:50.071Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-34383
Vulnerability from cvelistv5
Published
2021-06-30 10:24
Modified
2024-08-04 00:12
Severity ?
EPSS score ?
Summary
Bootloader contains a vulnerability in NVIDIA MB2 where a potential heap overflow might lead to denial of service or escalation of privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5205 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | NVIDIA | NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX |
Version: All Jetson Linux versions prior to r32.5.1 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:12:49.628Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All Jetson Linux versions prior to r32.5.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Bootloader contains a vulnerability in NVIDIA MB2 where a potential heap overflow might lead to denial of service or escalation of privileges."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure, escalation of privileges, denial of service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-30T10:24:36",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"ID": "CVE-2021-34383",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX",
"version": {
"version_data": [
{
"version_value": "All Jetson Linux versions prior to r32.5.1"
}
]
}
}
]
},
"vendor_name": "NVIDIA"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Bootloader contains a vulnerability in NVIDIA MB2 where a potential heap overflow might lead to denial of service or escalation of privileges."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "information disclosure, escalation of privileges, denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205",
"refsource": "CONFIRM",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2021-34383",
"datePublished": "2021-06-30T10:24:36",
"dateReserved": "2021-06-09T00:00:00",
"dateUpdated": "2024-08-04T00:12:49.628Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-34375
Vulnerability from cvelistv5
Published
2021-06-30 10:24
Modified
2024-08-04 00:12
Severity ?
EPSS score ?
Summary
Trusty contains a vulnerability in all trusted applications (TAs) where the stack cookie was not randomized, which might result in stack-based buffer overflow, leading to denial of service, escalation of privileges, and information disclosure.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5205 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | NVIDIA | NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX |
Version: All Jetson Linux versions prior to r32.5.1 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:12:49.957Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX",
"vendor": "NVIDIA",
"versions": [
{
"status": "affected",
"version": "All Jetson Linux versions prior to r32.5.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Trusty contains a vulnerability in all trusted applications (TAs) where the stack cookie was not randomized, which might result in stack-based buffer overflow, leading to denial of service, escalation of privileges, and information disclosure."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure, escalation of privileges, denial of service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-30T10:24:29",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"ID": "CVE-2021-34375",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX",
"version": {
"version_data": [
{
"version_value": "All Jetson Linux versions prior to r32.5.1"
}
]
}
}
]
},
"vendor_name": "NVIDIA"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Trusty contains a vulnerability in all trusted applications (TAs) where the stack cookie was not randomized, which might result in stack-based buffer overflow, leading to denial of service, escalation of privileges, and information disclosure."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "information disclosure, escalation of privileges, denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205",
"refsource": "CONFIRM",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2021-34375",
"datePublished": "2021-06-30T10:24:29",
"dateReserved": "2021-06-09T00:00:00",
"dateUpdated": "2024-08-04T00:12:49.957Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}