All the vulnerabilites related to nvidia - shield_tv_firmware
cve-2017-6283
Vulnerability from cvelistv5
Published
2018-03-06 16:00
Modified
2024-09-17 00:10
Severity ?
EPSS score ?
Summary
NVIDIA Security Engine contains a vulnerability in the RSA function where the keyslot read/write lock permissions are cleared on a chip reset which may lead to information disclosure. This issue is rated as high.
References
| ▼ | URL | Tags |
|---|---|---|
| http://nvidia.custhelp.com/app/answers/detail/a_id/4631 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Nvidia Corporation | SHIELD TV |
Version: NA |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:25:48.696Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4631"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SHIELD TV",
"vendor": "Nvidia Corporation",
"versions": [
{
"status": "affected",
"version": "NA"
}
]
}
],
"datePublic": "2018-02-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "NVIDIA Security Engine contains a vulnerability in the RSA function where the keyslot read/write lock permissions are cleared on a chip reset which may lead to information disclosure. This issue is rated as high."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-06T17:57:01",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4631"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"DATE_PUBLIC": "2018-02-26T00:00:00",
"ID": "CVE-2017-6283",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SHIELD TV",
"version": {
"version_data": [
{
"version_value": "NA"
}
]
}
}
]
},
"vendor_name": "Nvidia Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NVIDIA Security Engine contains a vulnerability in the RSA function where the keyslot read/write lock permissions are cleared on a chip reset which may lead to information disclosure. This issue is rated as high."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4631",
"refsource": "CONFIRM",
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4631"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2017-6283",
"datePublished": "2018-03-06T16:00:00Z",
"dateReserved": "2017-02-23T00:00:00",
"dateUpdated": "2024-09-17T00:10:51.538Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-6917
Vulnerability from cvelistv5
Published
2017-04-24 19:00
Modified
2024-08-06 01:43
Severity ?
EPSS score ?
Summary
Buffer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/4276/~/security-bulletin%3A-nvidia-shield-contains-multiple-vulnerabilities-in | x_refsource_CONFIRM | |
| https://source.android.com/security/bulletin/2016-12-01 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/94667 | vdb-entry, x_refsource_BID | |
| http://nvidia.custhelp.com/app/answers/detail/a_id/4561 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:43:38.618Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4276/~/security-bulletin%3A-nvidia-shield-contains-multiple-vulnerabilities-in"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2016-12-01"
},
{
"name": "94667",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94667"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-12-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-18T17:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4276/~/security-bulletin%3A-nvidia-shield-contains-multiple-vulnerabilities-in"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2016-12-01"
},
{
"name": "94667",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94667"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-6917",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4276/~/security-bulletin%3A-nvidia-shield-contains-multiple-vulnerabilities-in",
"refsource": "CONFIRM",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4276/~/security-bulletin%3A-nvidia-shield-contains-multiple-vulnerabilities-in"
},
{
"name": "https://source.android.com/security/bulletin/2016-12-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2016-12-01"
},
{
"name": "94667",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94667"
},
{
"name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561",
"refsource": "CONFIRM",
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-6917",
"datePublished": "2017-04-24T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:43:38.618Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-6296
Vulnerability from cvelistv5
Published
2018-03-06 16:00
Modified
2024-09-16 18:49
Severity ?
EPSS score ?
Summary
NVIDIA TrustZone Software contains a TOCTOU issue in the DRM application which may lead to the denial of service or possible escalation of privileges. This issue is rated as moderate.
References
| ▼ | URL | Tags |
|---|---|---|
| http://nvidia.custhelp.com/app/answers/detail/a_id/4631 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Nvidia Corporation | SHIELD TV |
Version: NA |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:25:48.497Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4631"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SHIELD TV",
"vendor": "Nvidia Corporation",
"versions": [
{
"status": "affected",
"version": "NA"
}
]
}
],
"datePublic": "2018-02-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "NVIDIA TrustZone Software contains a TOCTOU issue in the DRM application which may lead to the denial of service or possible escalation of privileges. This issue is rated as moderate."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-06T17:57:01",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4631"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"DATE_PUBLIC": "2018-02-26T00:00:00",
"ID": "CVE-2017-6296",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SHIELD TV",
"version": {
"version_data": [
{
"version_value": "NA"
}
]
}
}
]
},
"vendor_name": "Nvidia Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NVIDIA TrustZone Software contains a TOCTOU issue in the DRM application which may lead to the denial of service or possible escalation of privileges. This issue is rated as moderate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4631",
"refsource": "CONFIRM",
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4631"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2017-6296",
"datePublished": "2018-03-06T16:00:00Z",
"dateReserved": "2017-02-23T00:00:00",
"dateUpdated": "2024-09-16T18:49:20.194Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-6915
Vulnerability from cvelistv5
Published
2017-04-24 20:00
Modified
2024-08-06 01:43
Severity ?
EPSS score ?
Summary
Stack-based buffer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5.
References
| ▼ | URL | Tags |
|---|---|---|
| https://source.android.com/security/bulletin/2016-12-01 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/94667 | vdb-entry, x_refsource_BID | |
| http://nvidia.custhelp.com/app/answers/detail/a_id/4561 | x_refsource_CONFIRM | |
| http://nvidia.custhelp.com/app/answers/detail/a_id/4276/~/security-bulletin%3A-nvidia-shield-contains-multiple-vulnerabilities-in | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:43:38.621Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2016-12-01"
},
{
"name": "94667",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94667"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4276/~/security-bulletin%3A-nvidia-shield-contains-multiple-vulnerabilities-in"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-12-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-18T17:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2016-12-01"
},
{
"name": "94667",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94667"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4276/~/security-bulletin%3A-nvidia-shield-contains-multiple-vulnerabilities-in"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-6915",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2016-12-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2016-12-01"
},
{
"name": "94667",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94667"
},
{
"name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561",
"refsource": "CONFIRM",
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
},
{
"name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4276/~/security-bulletin%3A-nvidia-shield-contains-multiple-vulnerabilities-in",
"refsource": "CONFIRM",
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4276/~/security-bulletin%3A-nvidia-shield-contains-multiple-vulnerabilities-in"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-6915",
"datePublished": "2017-04-24T20:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:43:38.621Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-6295
Vulnerability from cvelistv5
Published
2018-03-06 16:00
Modified
2024-09-17 02:46
Severity ?
EPSS score ?
Summary
NVIDIA TrustZone Software contains a vulnerability in the Keymaster implementation where the software reads data past the end, or before the beginning, of the intended buffer; and may lead to denial of service or information disclosure. This issue is rated as high.
References
| ▼ | URL | Tags |
|---|---|---|
| http://nvidia.custhelp.com/app/answers/detail/a_id/4631 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Nvidia Corporation | SHIELD TV |
Version: NA |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:25:48.823Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4631"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SHIELD TV",
"vendor": "Nvidia Corporation",
"versions": [
{
"status": "affected",
"version": "NA"
}
]
}
],
"datePublic": "2018-02-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "NVIDIA TrustZone Software contains a vulnerability in the Keymaster implementation where the software reads data past the end, or before the beginning, of the intended buffer; and may lead to denial of service or information disclosure. This issue is rated as high."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-06T17:57:01",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4631"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"DATE_PUBLIC": "2018-02-26T00:00:00",
"ID": "CVE-2017-6295",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SHIELD TV",
"version": {
"version_data": [
{
"version_value": "NA"
}
]
}
}
]
},
"vendor_name": "Nvidia Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NVIDIA TrustZone Software contains a vulnerability in the Keymaster implementation where the software reads data past the end, or before the beginning, of the intended buffer; and may lead to denial of service or information disclosure. This issue is rated as high."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4631",
"refsource": "CONFIRM",
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4631"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2017-6295",
"datePublished": "2018-03-06T16:00:00Z",
"dateReserved": "2017-02-23T00:00:00",
"dateUpdated": "2024-09-17T02:46:45.070Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-6916
Vulnerability from cvelistv5
Published
2017-04-24 19:00
Modified
2024-08-06 01:43
Severity ?
EPSS score ?
Summary
Integer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5 allows local users to cause a denial of service (system crash) via unspecified vectors, which triggers a buffer overflow.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/4276/~/security-bulletin%3A-nvidia-shield-contains-multiple-vulnerabilities-in | x_refsource_CONFIRM | |
| https://source.android.com/security/bulletin/2016-12-01 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/94667 | vdb-entry, x_refsource_BID | |
| http://nvidia.custhelp.com/app/answers/detail/a_id/4561 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:43:38.435Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4276/~/security-bulletin%3A-nvidia-shield-contains-multiple-vulnerabilities-in"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2016-12-01"
},
{
"name": "94667",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94667"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-12-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5 allows local users to cause a denial of service (system crash) via unspecified vectors, which triggers a buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-18T17:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4276/~/security-bulletin%3A-nvidia-shield-contains-multiple-vulnerabilities-in"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2016-12-01"
},
{
"name": "94667",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94667"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-6916",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5 allows local users to cause a denial of service (system crash) via unspecified vectors, which triggers a buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4276/~/security-bulletin%3A-nvidia-shield-contains-multiple-vulnerabilities-in",
"refsource": "CONFIRM",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4276/~/security-bulletin%3A-nvidia-shield-contains-multiple-vulnerabilities-in"
},
{
"name": "https://source.android.com/security/bulletin/2016-12-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2016-12-01"
},
{
"name": "94667",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94667"
},
{
"name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561",
"refsource": "CONFIRM",
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-6916",
"datePublished": "2017-04-24T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:43:38.435Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-6284
Vulnerability from cvelistv5
Published
2018-03-06 16:00
Modified
2024-09-16 22:40
Severity ?
EPSS score ?
Summary
NVIDIA Security Engine contains a vulnerability in the Deterministic Random Bit Generator (DRBG) where the DRBG does not properly initialize and store or transmits sensitive data using a weakened encryption scheme that is unable to protect sensitive data which may lead to information disclosure.This issue is rated as moderate.
References
| ▼ | URL | Tags |
|---|---|---|
| http://nvidia.custhelp.com/app/answers/detail/a_id/4631 | x_refsource_CONFIRM | |
| https://nvidia.custhelp.com/app/answers/detail/a_id/4787 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Nvidia Corporation | SHIELD TV |
Version: NA |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:25:48.998Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4631"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SHIELD TV",
"vendor": "Nvidia Corporation",
"versions": [
{
"status": "affected",
"version": "NA"
}
]
}
],
"datePublic": "2018-02-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "NVIDIA Security Engine contains a vulnerability in the Deterministic Random Bit Generator (DRBG) where the DRBG does not properly initialize and store or transmits sensitive data using a weakened encryption scheme that is unable to protect sensitive data which may lead to information disclosure.This issue is rated as moderate."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-02T17:06:08",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4631"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"DATE_PUBLIC": "2018-02-26T00:00:00",
"ID": "CVE-2017-6284",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SHIELD TV",
"version": {
"version_data": [
{
"version_value": "NA"
}
]
}
}
]
},
"vendor_name": "Nvidia Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NVIDIA Security Engine contains a vulnerability in the Deterministic Random Bit Generator (DRBG) where the DRBG does not properly initialize and store or transmits sensitive data using a weakened encryption scheme that is unable to protect sensitive data which may lead to information disclosure.This issue is rated as moderate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4631",
"refsource": "CONFIRM",
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4631"
},
{
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787",
"refsource": "CONFIRM",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2017-6284",
"datePublished": "2018-03-06T16:00:00Z",
"dateReserved": "2017-02-23T00:00:00",
"dateUpdated": "2024-09-16T22:40:51.732Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-6282
Vulnerability from cvelistv5
Published
2018-03-06 16:00
Modified
2024-09-16 23:36
Severity ?
EPSS score ?
Summary
NVIDIA Tegra kernel driver contains a vulnerability in NVMAP where an attacker has the ability to write an arbitrary value to an arbitrary location which may lead to an escalation of privileges. This issue is rated as high.
References
| ▼ | URL | Tags |
|---|---|---|
| http://nvidia.custhelp.com/app/answers/detail/a_id/4631 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Nvidia Corporation | SHIELD TV |
Version: NA |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:25:48.545Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4631"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SHIELD TV",
"vendor": "Nvidia Corporation",
"versions": [
{
"status": "affected",
"version": "NA"
}
]
}
],
"datePublic": "2018-02-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "NVIDIA Tegra kernel driver contains a vulnerability in NVMAP where an attacker has the ability to write an arbitrary value to an arbitrary location which may lead to an escalation of privileges. This issue is rated as high."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Escalation of Pivileges",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-06T17:57:01",
"orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"shortName": "nvidia"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4631"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"DATE_PUBLIC": "2018-02-26T00:00:00",
"ID": "CVE-2017-6282",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SHIELD TV",
"version": {
"version_data": [
{
"version_value": "NA"
}
]
}
}
]
},
"vendor_name": "Nvidia Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NVIDIA Tegra kernel driver contains a vulnerability in NVMAP where an attacker has the ability to write an arbitrary value to an arbitrary location which may lead to an escalation of privileges. This issue is rated as high."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Pivileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4631",
"refsource": "CONFIRM",
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4631"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
"assignerShortName": "nvidia",
"cveId": "CVE-2017-6282",
"datePublished": "2018-03-06T16:00:00Z",
"dateReserved": "2017-02-23T00:00:00",
"dateUpdated": "2024-09-16T23:36:44.901Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2018-03-06 16:29
Modified
2024-11-21 03:29
Severity ?
Summary
NVIDIA Tegra kernel driver contains a vulnerability in NVMAP where an attacker has the ability to write an arbitrary value to an arbitrary location which may lead to an escalation of privileges. This issue is rated as high.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:shield_tv_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "78C328C9-DEF4-47AE-91F2-8C8AA43B4E20",
"versionEndIncluding": "6.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:shield_tv:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49F85C44-6B7E-4B7C-AC8D-9D5727DFA0B8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA Tegra kernel driver contains a vulnerability in NVMAP where an attacker has the ability to write an arbitrary value to an arbitrary location which may lead to an escalation of privileges. This issue is rated as high."
},
{
"lang": "es",
"value": "El controlador del kernel NVIDIA Tegra contiene una vulnerabilidad en NVMAP por la cual un atacante podr\u00eda escribir un valor arbitrario en una ubicaci\u00f3n arbitraria, que podr\u00eda conducir a un escalado de privilegios. Este problema se ha clasificado como grave."
}
],
"id": "CVE-2017-6282",
"lastModified": "2024-11-21T03:29:27.113",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-03-06T16:29:00.277",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4631"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4631"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-123"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-03-06 16:29
Modified
2024-11-21 03:29
Severity ?
Summary
NVIDIA TrustZone Software contains a vulnerability in the Keymaster implementation where the software reads data past the end, or before the beginning, of the intended buffer; and may lead to denial of service or information disclosure. This issue is rated as high.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:shield_tv_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "78C328C9-DEF4-47AE-91F2-8C8AA43B4E20",
"versionEndIncluding": "6.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:shield_tv:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49F85C44-6B7E-4B7C-AC8D-9D5727DFA0B8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA TrustZone Software contains a vulnerability in the Keymaster implementation where the software reads data past the end, or before the beginning, of the intended buffer; and may lead to denial of service or information disclosure. This issue is rated as high."
},
{
"lang": "es",
"value": "NVIDIA TrustZone Software contiene una vulnerabilidad en la implementaci\u00f3n Keymaster donde el software lee datos m\u00e1s all\u00e1 del final o antes del comienzo del b\u00fafer. Y podr\u00eda conducir a una denegaci\u00f3n de servicio (DoS) o a una divulgaci\u00f3n de informaci\u00f3n. Este problema se ha clasificado como grave."
}
],
"id": "CVE-2017-6295",
"lastModified": "2024-11-21T03:29:29.487",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.0,
"impactScore": 5.8,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-03-06T16:29:00.433",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4631"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4631"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-24 19:59
Modified
2024-11-21 02:57
Severity ?
Summary
Integer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5 allows local users to cause a denial of service (system crash) via unspecified vectors, which triggers a buffer overflow.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | shield_tablet_firmware | * | |
| nvidia | shield_tablet | - | |
| nvidia | shield_tablet_tk1_firmware | * | |
| nvidia | shield_tablet_tk1 | - | |
| nvidia | shield_tv_firmware | * | |
| nvidia | shield_tv | - | |
| nvidia | video_driver | - | |
| nexus_9 | - | ||
| pixel_c | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:shield_tablet_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0750A91D-C568-49C4-86E0-D9DA075BA33D",
"versionEndIncluding": "4.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:shield_tablet:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A28C0ED3-654C-4783-B8A0-67D7C3D1FE9A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:shield_tablet_tk1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D103EA4F-A03D-487F-8686-838078B78199",
"versionEndIncluding": "1.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:shield_tablet_tk1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "845E4A71-7181-4AB6-9ADF-43ABC6C9A785",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:shield_tv_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D495631-CFF4-46B5-AAAE-3E51717C1337",
"versionEndIncluding": "3.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:shield_tv:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49F85C44-6B7E-4B7C-AC8D-9D5727DFA0B8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:video_driver:-:*:*:*:*:android:*:*",
"matchCriteriaId": "C162AD10-3322-4317-B808-B6B517576F66",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:google:nexus_9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1018566D-5DBE-44BD-BA05-1F6A6375C32F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:google:pixel_c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9526852E-8BF4-42AA-A9BC-84FEC564B871",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5 allows local users to cause a denial of service (system crash) via unspecified vectors, which triggers a buffer overflow."
},
{
"lang": "es",
"value": "Desbordamiento de entero en nvhost_job.c en el video driver NVIDIA para Android, Shield TV en versiones anteriores a OTA 3.3, Shield Table en versiones anteriores a OTA 4.4, y Shield Table TK1 en versiones anteriores a OTA 1.5 permite usuarios locales provocar una denegaci\u00f3n de servicio (ca\u00edda del sistema) a trav\u00e9s de vectores no especificados, lo que desencadena desbordamiento de b\u00fafer."
}
],
"id": "CVE-2016-6916",
"lastModified": "2024-11-21T02:57:05.740",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-24T19:59:00.427",
"references": [
{
"source": "cve@mitre.org",
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94667"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4276/~/security-bulletin%3A-nvidia-shield-contains-multiple-vulnerabilities-in"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://source.android.com/security/bulletin/2016-12-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94667"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4276/~/security-bulletin%3A-nvidia-shield-contains-multiple-vulnerabilities-in"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://source.android.com/security/bulletin/2016-12-01"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-24 20:59
Modified
2024-11-21 02:57
Severity ?
Summary
Stack-based buffer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | shield_tablet_firmware | * | |
| nvidia | shield_tablet | - | |
| nvidia | shield_tablet_tk1_firmware | * | |
| nvidia | shield_tablet_tk1 | - | |
| nvidia | shield_tv_firmware | * | |
| nvidia | shield_tv | - | |
| nvidia | video_driver | - | |
| nexus_9 | - | ||
| pixel_c | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:shield_tablet_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0750A91D-C568-49C4-86E0-D9DA075BA33D",
"versionEndIncluding": "4.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:shield_tablet:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A28C0ED3-654C-4783-B8A0-67D7C3D1FE9A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:shield_tablet_tk1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D103EA4F-A03D-487F-8686-838078B78199",
"versionEndIncluding": "1.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:shield_tablet_tk1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "845E4A71-7181-4AB6-9ADF-43ABC6C9A785",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:shield_tv_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D495631-CFF4-46B5-AAAE-3E51717C1337",
"versionEndIncluding": "3.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:shield_tv:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49F85C44-6B7E-4B7C-AC8D-9D5727DFA0B8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:video_driver:-:*:*:*:*:android:*:*",
"matchCriteriaId": "C162AD10-3322-4317-B808-B6B517576F66",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:google:nexus_9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1018566D-5DBE-44BD-BA05-1F6A6375C32F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:google:pixel_c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9526852E-8BF4-42AA-A9BC-84FEC564B871",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en la pila en nvhost_job.c en el controlador de v\u00eddeo NVIDIA para Android, Shield TV versiones anteriores de OTA 3.3, Shield Table versiones anteriores de OTA 4.4 y Shield Table TK1 versiones anteriores de OTA 1.5."
}
],
"id": "CVE-2016-6915",
"lastModified": "2024-11-21T02:57:05.563",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-24T20:59:00.147",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4276/~/security-bulletin%3A-nvidia-shield-contains-multiple-vulnerabilities-in"
},
{
"source": "cve@mitre.org",
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94667"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://source.android.com/security/bulletin/2016-12-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4276/~/security-bulletin%3A-nvidia-shield-contains-multiple-vulnerabilities-in"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94667"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://source.android.com/security/bulletin/2016-12-01"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-03-06 16:29
Modified
2024-11-21 03:29
Severity ?
Summary
NVIDIA Security Engine contains a vulnerability in the RSA function where the keyslot read/write lock permissions are cleared on a chip reset which may lead to information disclosure. This issue is rated as high.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:shield_tv_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "78C328C9-DEF4-47AE-91F2-8C8AA43B4E20",
"versionEndIncluding": "6.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:shield_tv:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49F85C44-6B7E-4B7C-AC8D-9D5727DFA0B8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA Security Engine contains a vulnerability in the RSA function where the keyslot read/write lock permissions are cleared on a chip reset which may lead to information disclosure. This issue is rated as high."
},
{
"lang": "es",
"value": "NVIDIA Security Engine contiene una vulnerabilidad en la funci\u00f3n RSA, donde los permisos de bloqueo de lectura/escritura del keyslot se limpian en un restablecimiento del chip. Esto podr\u00eda conducir a la divulgaci\u00f3n de informaci\u00f3n. Este problema se ha clasificado como grave."
}
],
"id": "CVE-2017-6283",
"lastModified": "2024-11-21T03:29:27.310",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-03-06T16:29:00.327",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4631"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4631"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-03-06 16:29
Modified
2024-11-21 03:29
Severity ?
Summary
NVIDIA Security Engine contains a vulnerability in the Deterministic Random Bit Generator (DRBG) where the DRBG does not properly initialize and store or transmits sensitive data using a weakened encryption scheme that is unable to protect sensitive data which may lead to information disclosure.This issue is rated as moderate.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:shield_tv_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "78C328C9-DEF4-47AE-91F2-8C8AA43B4E20",
"versionEndIncluding": "6.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:shield_tv:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49F85C44-6B7E-4B7C-AC8D-9D5727DFA0B8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA Security Engine contains a vulnerability in the Deterministic Random Bit Generator (DRBG) where the DRBG does not properly initialize and store or transmits sensitive data using a weakened encryption scheme that is unable to protect sensitive data which may lead to information disclosure.This issue is rated as moderate."
},
{
"lang": "es",
"value": "NVIDIA Security Engine contiene una vulnerabilidad en el DRBG (Deterministic Random Bit Generator) donde este no inicializa o almacena y transmite datos sensibles mediante un esquema de cifrado d\u00e9bil que no puede proteger correctamente datos sensibles y que puede desembocar en una divulgaci\u00f3n de informaci\u00f3n. Este problema se ha clasificado como moderado."
}
],
"id": "CVE-2017-6284",
"lastModified": "2024-11-21T03:29:27.493",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-03-06T16:29:00.387",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4631"
},
{
"source": "psirt@nvidia.com",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4631"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
},
{
"lang": "en",
"value": "CWE-326"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-03-06 16:29
Modified
2024-11-21 03:29
Severity ?
Summary
NVIDIA TrustZone Software contains a TOCTOU issue in the DRM application which may lead to the denial of service or possible escalation of privileges. This issue is rated as moderate.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:shield_tv_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "78C328C9-DEF4-47AE-91F2-8C8AA43B4E20",
"versionEndIncluding": "6.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:shield_tv:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49F85C44-6B7E-4B7C-AC8D-9D5727DFA0B8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NVIDIA TrustZone Software contains a TOCTOU issue in the DRM application which may lead to the denial of service or possible escalation of privileges. This issue is rated as moderate."
},
{
"lang": "es",
"value": "NVIDIA TrustZone Software contiene un problema de TOCTOU en la aplicaci\u00f3n DRM, lo que podr\u00eda conducir a una denegaci\u00f3n de servicio (DoS) o a una escalada de privilegios. Este problema se ha clasificado como moderado,"
}
],
"id": "CVE-2017-6296",
"lastModified": "2024-11-21T03:29:29.720",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-03-06T16:29:00.480",
"references": [
{
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4631"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4631"
}
],
"sourceIdentifier": "psirt@nvidia.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-362"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-24 19:59
Modified
2024-11-21 02:57
Severity ?
Summary
Buffer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | shield_tablet_firmware | * | |
| nvidia | shield_tablet | - | |
| nvidia | shield_tablet_tk1_firmware | * | |
| nvidia | shield_tablet_tk1 | - | |
| nvidia | shield_tv_firmware | * | |
| nvidia | shield_tv | - | |
| nvidia | video_driver | - | |
| nexus_9 | - | ||
| pixel_c | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:shield_tablet_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0750A91D-C568-49C4-86E0-D9DA075BA33D",
"versionEndIncluding": "4.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:shield_tablet:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A28C0ED3-654C-4783-B8A0-67D7C3D1FE9A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:shield_tablet_tk1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D103EA4F-A03D-487F-8686-838078B78199",
"versionEndIncluding": "1.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:shield_tablet_tk1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "845E4A71-7181-4AB6-9ADF-43ABC6C9A785",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nvidia:shield_tv_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D495631-CFF4-46B5-AAAE-3E51717C1337",
"versionEndIncluding": "3.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nvidia:shield_tv:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49F85C44-6B7E-4B7C-AC8D-9D5727DFA0B8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nvidia:video_driver:-:*:*:*:*:android:*:*",
"matchCriteriaId": "C162AD10-3322-4317-B808-B6B517576F66",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:google:nexus_9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1018566D-5DBE-44BD-BA05-1F6A6375C32F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:google:pixel_c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9526852E-8BF4-42AA-A9BC-84FEC564B871",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en nvhost_job.c en el video driver NVIDIA video para Android, Shield TV en versiones anteriores a OTA 3.3, Shield Table en versiones anteriores a OTA 4.4, y Shield Table TK1 en versiones anteriores a OTA 1.5."
}
],
"id": "CVE-2016-6917",
"lastModified": "2024-11-21T02:57:05.900",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-24T19:59:00.457",
"references": [
{
"source": "cve@mitre.org",
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94667"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4276/~/security-bulletin%3A-nvidia-shield-contains-multiple-vulnerabilities-in"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://source.android.com/security/bulletin/2016-12-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94667"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4276/~/security-bulletin%3A-nvidia-shield-contains-multiple-vulnerabilities-in"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://source.android.com/security/bulletin/2016-12-01"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}