Vulnerabilites related to nvidia - jetson_tx2_nx
Vulnerability from fkie_nvd
Published
2021-08-11 22:15
Modified
2024-11-21 05:43
Severity ?
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Summary
NVIDIA Linux kernel distributions contain a vulnerability in the kernel crypto node, where use after free may lead to complete denial of service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_linux | * | |
| nvidia | jetson_agx_xavier | - | |
| nvidia | jetson_tx2 | - | |
| nvidia | jetson_tx2_nx | - | |
| nvidia | jetson_xavier_nx | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*", matchCriteriaId: "9E69A431-2B5A-4718-BCD2-CA2D1077641B", versionEndExcluding: "32.6.1", versionStartIncluding: "32.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier:-:*:*:*:*:*:*:*", matchCriteriaId: "5DD3D2AA-2A9F-470D-BB0F-A7B7C2EC2490", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*", matchCriteriaId: "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "64C3FB58-08AA-4FE4-97BE-21B254BA229F", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "B0AA5976-FD71-4A53-BD4F-D342E871FEB0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "NVIDIA Linux kernel distributions contain a vulnerability in the kernel crypto node, where use after free may lead to complete denial of service.", }, { lang: "es", value: "Las distribuciones del kernel de Linux de NVIDIA contienen una vulnerabilidad en el nodo criptográfico del kernel, donde un uso de memoria previamente liberada puede conllevar a una denegación de servicio completa", }, ], id: "CVE-2021-1114", lastModified: "2024-11-21T05:43:37.500", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 4.9, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 3.6, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-08-11T22:15:08.537", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5216", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5216", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-06-22 22:15
Modified
2024-11-21 06:10
Severity ?
3.0 (Low) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:L
2.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
2.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
Summary
Bootloader contains a vulnerability in access permission settings where unauthorized software may be able to overwrite NVIDIA MB2 code, which would result in limited denial of service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_linux | * | |
| nvidia | jetson_tx2 | - | |
| nvidia | jetson_tx2_4gb | - | |
| nvidia | jetson_tx2_nx | - | |
| nvidia | jetson_tx2i | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*", matchCriteriaId: "E8941F71-0292-414E-AEA5-DD55EA3C2009", versionEndExcluding: "32.5.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*", matchCriteriaId: "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*", matchCriteriaId: "71994F94-5279-4107-99F5-48990AE0C686", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "64C3FB58-08AA-4FE4-97BE-21B254BA229F", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*", matchCriteriaId: "5DF55ABB-1B4F-452E-9D84-C01A638F88A0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Bootloader contains a vulnerability in access permission settings where unauthorized software may be able to overwrite NVIDIA MB2 code, which would result in limited denial of service.", }, { lang: "es", value: "El cargador de arranque contiene una vulnerabilidad en la configuración de los permisos de acceso donde el software no autorizado podría sobrescribir el código NVIDIA MB2, lo que podría resultar en una denegación de servicio limitada", }, ], id: "CVE-2021-34396", lastModified: "2024-11-21T06:10:18.710", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 2.1, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 3, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:L", version: "3.1", }, exploitabilityScore: 0.5, impactScore: 2.5, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 2.3, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-06-22T22:15:09.400", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-04-27 18:15
Modified
2024-11-21 06:56
Severity ?
4.6 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L
4.6 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L
4.6 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L
Summary
NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot blob_decompress function, where insufficient validation of untrusted data may allow a local attacker with elevated privileges to cause a memory buffer overflow, which may lead to code execution, limited loss of Integrity, and limited denial of service. The scope of impact can extend to other components.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_linux | * | |
| nvidia | jetson_agx_xavier | - | |
| nvidia | jetson_tx2 | - | |
| nvidia | jetson_tx2_nx | - | |
| nvidia | jetson_xavier_nx | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*", matchCriteriaId: "5C65BE02-61B8-4A4D-84A8-52BCA6895C34", versionEndExcluding: "32.7.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier:-:*:*:*:*:*:*:*", matchCriteriaId: "5DD3D2AA-2A9F-470D-BB0F-A7B7C2EC2490", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*", matchCriteriaId: "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "64C3FB58-08AA-4FE4-97BE-21B254BA229F", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "B0AA5976-FD71-4A53-BD4F-D342E871FEB0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot blob_decompress function, where insufficient validation of untrusted data may allow a local attacker with elevated privileges to cause a memory buffer overflow, which may lead to code execution, limited loss of Integrity, and limited denial of service. The scope of impact can extend to other components.", }, { lang: "es", value: "El paquete de controladores de NVIDIA Jetson para Linux contiene una vulnerabilidad en la función Cboot blob_decompress, en la que una validación insuficiente de los datos que no son de confianza puede permitir a un atacante local con privilegios elevados provocar un desbordamiento del búfer de memoria, lo que puede conducir a la ejecución de código, una pérdida limitada de integridad y una denegación de servicio limitada. El alcance del impacto puede extenderse a otros componentes", }, ], id: "CVE-2022-28196", lastModified: "2024-11-21T06:56:55.917", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 3.6, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:N/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 4.6, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L", version: "3.1", }, exploitabilityScore: 1.5, impactScore: 2.7, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 4.6, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L", version: "3.1", }, exploitabilityScore: 1.5, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-04-27T18:15:08.097", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5343", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5343", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "psirt@nvidia.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-06-30 11:15
Modified
2024-11-21 06:10
Severity ?
7.7 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Trusty contains a vulnerability in command handlers where the length of input buffers is not verified. This vulnerability can cause memory corruption, which may lead to information disclosure, escalation of privileges, and denial of service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_linux | * | |
| nvidia | jetson_agx_xavier_16gb | - | |
| nvidia | jetson_agx_xavier_32gb | - | |
| nvidia | jetson_agx_xavier_8gb | - | |
| nvidia | jetson_tx2 | - | |
| nvidia | jetson_tx2_4gb | - | |
| nvidia | jetson_tx2_nx | - | |
| nvidia | jetson_tx2i | - | |
| nvidia | jetson_xavier_nx | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*", matchCriteriaId: "E8941F71-0292-414E-AEA5-DD55EA3C2009", versionEndExcluding: "32.5.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*", matchCriteriaId: "E0E081CB-B6EC-42DC-BA04-BCA13C17D190", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*", matchCriteriaId: "4F92D471-8E65-41FC-A5DE-255136F6F989", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*", matchCriteriaId: "E29459F7-997A-4B87-9164-6E3B5158ADC3", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*", matchCriteriaId: "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*", matchCriteriaId: "71994F94-5279-4107-99F5-48990AE0C686", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "64C3FB58-08AA-4FE4-97BE-21B254BA229F", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*", matchCriteriaId: "5DF55ABB-1B4F-452E-9D84-C01A638F88A0", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "B0AA5976-FD71-4A53-BD4F-D342E871FEB0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Trusty contains a vulnerability in command handlers where the length of input buffers is not verified. This vulnerability can cause memory corruption, which may lead to information disclosure, escalation of privileges, and denial of service.", }, { lang: "es", value: "Trusty contiene una vulnerabilidad en los manejadores de comandos donde la longitud de los búferes de entrada no es verificada. Esta vulnerabilidad puede causar una corrupción de la memoria, lo que puede conllevar a una divulgación de información, escalada de privilegios y una denegación de servicio", }, ], id: "CVE-2021-34374", lastModified: "2024-11-21T06:10:15.740", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.1, impactScore: 6, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-06-30T11:15:08.277", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-06-21 22:15
Modified
2024-11-21 06:10
Severity ?
6.3 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Bootloader contains a vulnerability in NVIDIA TegraBoot where a potential heap overflow might allow an attacker to control all the RAM after the heap block, leading to denial of service or code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_linux | * | |
| nvidia | jetson_agx_xavier_16gb | - | |
| nvidia | jetson_agx_xavier_32gb | - | |
| nvidia | jetson_agx_xavier_8gb | - | |
| nvidia | jetson_nano | - | |
| nvidia | jetson_nano | - | |
| nvidia | jetson_nano_2gb | - | |
| nvidia | jetson_tx1 | - | |
| nvidia | jetson_tx2 | - | |
| nvidia | jetson_tx2_4gb | - | |
| nvidia | jetson_tx2_nx | - | |
| nvidia | jetson_tx2i | - | |
| nvidia | jetson_xavier_nx | - | |
| nvidia | jetson_xavier_nx | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*", matchCriteriaId: "E8941F71-0292-414E-AEA5-DD55EA3C2009", versionEndExcluding: "32.5.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*", matchCriteriaId: "E0E081CB-B6EC-42DC-BA04-BCA13C17D190", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*", matchCriteriaId: "4F92D471-8E65-41FC-A5DE-255136F6F989", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*", matchCriteriaId: "E29459F7-997A-4B87-9164-6E3B5158ADC3", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_nano:-:*:-:*:*:*:*:*", matchCriteriaId: "9244F123-8518-4D81-AD26-5695F27F413B", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_nano:-:*:developer_kit:*:*:*:*:*", matchCriteriaId: "80BF53A0-8FDF-4827-9C00-ED082C4A68C7", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_nano_2gb:-:*:*:*:*:*:*:*", matchCriteriaId: "52E153CA-BE89-4C66-8B72-8901BF592423", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*", matchCriteriaId: "86D1FDAD-C594-43D9-9BF6-F7461177AB91", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*", matchCriteriaId: "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*", matchCriteriaId: "71994F94-5279-4107-99F5-48990AE0C686", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "64C3FB58-08AA-4FE4-97BE-21B254BA229F", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*", matchCriteriaId: "5DF55ABB-1B4F-452E-9D84-C01A638F88A0", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:developer_kit:*:*:*:*:*", matchCriteriaId: "3E54B955-F0E2-44BD-9B8C-3C788BBCF2A9", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:production:*:*:*:*:*", matchCriteriaId: "3E0C93C3-26F6-48E4-BADA-4DB05A7BA9D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Bootloader contains a vulnerability in NVIDIA TegraBoot where a potential heap overflow might allow an attacker to control all the RAM after the heap block, leading to denial of service or code execution.", }, { lang: "es", value: "El gestor de arranque contiene una vulnerabilidad en NVIDIA TegraBoot en la que un potencial desbordamiento de heap podría permitir a un atacante controlar toda la RAM después del bloque de heap, lo que llevaría a una denegación de servicio o a la ejecución de código", }, ], id: "CVE-2021-34388", lastModified: "2024-11-21T06:10:17.633", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, exploitabilityScore: 1, impactScore: 5.2, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-06-21T22:15:07.760", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-08-11 22:15
Modified
2024-11-21 05:43
Severity ?
7.2 (High) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:H
6.3 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
6.3 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
Summary
NVIDIA camera firmware contains a multistep, timing-related vulnerability where an unauthorized modification by camera resources may result in loss of data integrity or denial of service across several streams.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_linux | * | |
| nvidia | jetson_agx_xavier | - | |
| nvidia | jetson_nano | - | |
| nvidia | jetson_nano_2gb | - | |
| nvidia | jetson_tx1 | - | |
| nvidia | jetson_tx2 | - | |
| nvidia | jetson_tx2_nx | - | |
| nvidia | jetson_xavier_nx | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*", matchCriteriaId: "9E69A431-2B5A-4718-BCD2-CA2D1077641B", versionEndExcluding: "32.6.1", versionStartIncluding: "32.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier:-:*:*:*:*:*:*:*", matchCriteriaId: "5DD3D2AA-2A9F-470D-BB0F-A7B7C2EC2490", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_nano:-:*:*:*:*:*:*:*", matchCriteriaId: "2B2B041F-21A8-4F0B-BBAF-7CDD8B911547", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_nano_2gb:-:*:*:*:*:*:*:*", matchCriteriaId: "52E153CA-BE89-4C66-8B72-8901BF592423", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*", matchCriteriaId: "86D1FDAD-C594-43D9-9BF6-F7461177AB91", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*", matchCriteriaId: "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "64C3FB58-08AA-4FE4-97BE-21B254BA229F", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "B0AA5976-FD71-4A53-BD4F-D342E871FEB0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "NVIDIA camera firmware contains a multistep, timing-related vulnerability where an unauthorized modification by camera resources may result in loss of data integrity or denial of service across several streams.", }, { lang: "es", value: "El firmware de la cámara NVIDIA contiene una vulnerabilidad relacionada con la temporización en la que una modificación no autorizada de recursos de la cámara puede resultar en una pérdida de la integridad de datos o una denegación de servicio en varios flujos", }, ], id: "CVE-2021-1109", lastModified: "2024-11-21T05:43:36.923", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 3.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:M/Au:N/C:N/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.8, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, exploitabilityScore: 1, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-08-11T22:15:08.193", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5216", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5216", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-06-21 22:15
Modified
2024-11-21 06:10
Severity ?
5.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
5.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
5.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
Summary
Trusty contains a vulnerability in NVIDIA OTE protocol message parsing code, which is present in all the TAs. An incorrect bounds check can allow a local user through a malicious client to access memory from the heap in the TrustZone, which may lead to information disclosure.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_linux | * | |
| nvidia | jetson_agx_xavier_16gb | - | |
| nvidia | jetson_agx_xavier_32gb | - | |
| nvidia | jetson_agx_xavier_8gb | - | |
| nvidia | jetson_tx2 | - | |
| nvidia | jetson_tx2_4gb | - | |
| nvidia | jetson_tx2_nx | - | |
| nvidia | jetson_tx2i | - | |
| nvidia | jetson_xavier_nx | - | |
| nvidia | jetson_xavier_nx | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*", matchCriteriaId: "E8941F71-0292-414E-AEA5-DD55EA3C2009", versionEndExcluding: "32.5.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*", matchCriteriaId: "E0E081CB-B6EC-42DC-BA04-BCA13C17D190", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*", matchCriteriaId: "4F92D471-8E65-41FC-A5DE-255136F6F989", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*", matchCriteriaId: "E29459F7-997A-4B87-9164-6E3B5158ADC3", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*", matchCriteriaId: "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*", matchCriteriaId: "71994F94-5279-4107-99F5-48990AE0C686", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "64C3FB58-08AA-4FE4-97BE-21B254BA229F", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*", matchCriteriaId: "5DF55ABB-1B4F-452E-9D84-C01A638F88A0", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:developer_kit:*:*:*:*:*", matchCriteriaId: "3E54B955-F0E2-44BD-9B8C-3C788BBCF2A9", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:production:*:*:*:*:*", matchCriteriaId: "3E0C93C3-26F6-48E4-BADA-4DB05A7BA9D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Trusty contains a vulnerability in NVIDIA OTE protocol message parsing code, which is present in all the TAs. An incorrect bounds check can allow a local user through a malicious client to access memory from the heap in the TrustZone, which may lead to information disclosure.", }, { lang: "es", value: "Trusty contiene una vulnerabilidad en el código de análisis de mensajes del protocolo NVIDIA OTE, que está presente en todas las TA. Una comprobación de límites incorrecta puede permitir a un usuario local, a través de un cliente malicioso, acceder a la memoria de la pila de la TrustZone, lo que puede conducir a la divulgación de información", }, ], id: "CVE-2021-34389", lastModified: "2024-11-21T06:10:17.770", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 1.9, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.3, impactScore: 3.6, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.3, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-06-21T22:15:07.833", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-401", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-06-30 11:15
Modified
2024-11-21 06:10
Severity ?
7.0 (High) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Bootloader contains a vulnerability in NVIDIA MB2 where potential heap overflow might cause corruption of the heap metadata, which might lead to arbitrary code execution, denial of service, and information disclosure during secure boot.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_linux | * | |
| nvidia | jetson_agx_xavier_16gb | - | |
| nvidia | jetson_agx_xavier_32gb | - | |
| nvidia | jetson_agx_xavier_8gb | - | |
| nvidia | jetson_tx2 | - | |
| nvidia | jetson_tx2_4gb | - | |
| nvidia | jetson_tx2_nx | - | |
| nvidia | jetson_tx2i | - | |
| nvidia | jetson_xavier_nx | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*", matchCriteriaId: "E8941F71-0292-414E-AEA5-DD55EA3C2009", versionEndExcluding: "32.5.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*", matchCriteriaId: "E0E081CB-B6EC-42DC-BA04-BCA13C17D190", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*", matchCriteriaId: "4F92D471-8E65-41FC-A5DE-255136F6F989", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*", matchCriteriaId: "E29459F7-997A-4B87-9164-6E3B5158ADC3", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*", matchCriteriaId: "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*", matchCriteriaId: "71994F94-5279-4107-99F5-48990AE0C686", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "64C3FB58-08AA-4FE4-97BE-21B254BA229F", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*", matchCriteriaId: "5DF55ABB-1B4F-452E-9D84-C01A638F88A0", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "B0AA5976-FD71-4A53-BD4F-D342E871FEB0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Bootloader contains a vulnerability in NVIDIA MB2 where potential heap overflow might cause corruption of the heap metadata, which might lead to arbitrary code execution, denial of service, and information disclosure during secure boot.", }, { lang: "es", value: "El cargador de arranque contiene una vulnerabilidad en NVIDIA MB2 en la que un posible desbordamiento de la pila podría causar una corrupción de los metadatos de la pila, lo que podría conllevar a una ejecución de código arbitraria, denegación de servicio y una divulgación de información durante el arranque seguro", }, ], id: "CVE-2021-34380", lastModified: "2024-11-21T06:10:16.567", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1, impactScore: 5.9, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-06-30T11:15:08.617", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-08-11 22:15
Modified
2024-11-21 05:43
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
NVIDIA Linux kernel distributions contain a vulnerability in nvmap NVMAP_IOC_WRITE* paths, where improper access controls may lead to code execution, complete denial of service, and seriously compromised integrity of all system components.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_linux | * | |
| nvidia | jetson_agx_xavier | - | |
| nvidia | jetson_nano | - | |
| nvidia | jetson_nano_2gb | - | |
| nvidia | jetson_tx1 | - | |
| nvidia | jetson_tx2 | - | |
| nvidia | jetson_tx2_nx | - | |
| nvidia | jetson_xavier_nx | - | |
| nvidia | shield_experience | * | |
| nvidia | shield_tv | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*", matchCriteriaId: "9E69A431-2B5A-4718-BCD2-CA2D1077641B", versionEndExcluding: "32.6.1", versionStartIncluding: "32.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier:-:*:*:*:*:*:*:*", matchCriteriaId: "5DD3D2AA-2A9F-470D-BB0F-A7B7C2EC2490", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_nano:-:*:*:*:*:*:*:*", matchCriteriaId: "2B2B041F-21A8-4F0B-BBAF-7CDD8B911547", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_nano_2gb:-:*:*:*:*:*:*:*", matchCriteriaId: "52E153CA-BE89-4C66-8B72-8901BF592423", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*", matchCriteriaId: "86D1FDAD-C594-43D9-9BF6-F7461177AB91", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*", matchCriteriaId: "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "64C3FB58-08AA-4FE4-97BE-21B254BA229F", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "B0AA5976-FD71-4A53-BD4F-D342E871FEB0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:shield_experience:*:*:*:*:*:*:*:*", matchCriteriaId: "71B40848-51B9-47D6-83D9-B45EDBA785DA", versionEndExcluding: "9.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:shield_tv:-:*:*:*:*:*:*:*", matchCriteriaId: "49F85C44-6B7E-4B7C-AC8D-9D5727DFA0B8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "NVIDIA Linux kernel distributions contain a vulnerability in nvmap NVMAP_IOC_WRITE* paths, where improper access controls may lead to code execution, complete denial of service, and seriously compromised integrity of all system components.", }, { lang: "es", value: "Las distribuciones del kernel de Linux de NVIDIA contienen una vulnerabilidad en las rutas nvmap NVMAP_IOC_WRITE*, donde unos controles de acceso inapropiados pueden conllevar a una ejecución de código, una denegación de servicio completa y un grave compromiso de integridad de todos los componentes del sistema", }, ], id: "CVE-2021-1107", lastModified: "2024-11-21T05:43:36.680", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-08-11T22:15:08.063", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5216", }, { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5259", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5216", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5259", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-06-22 22:15
Modified
2024-11-21 06:10
Severity ?
1.9 (Low) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L
2.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
2.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
Summary
Bootloader contains a vulnerability in NVIDIA MB2, which may cause free-the-wrong-heap, which may lead to limited denial of service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_linux | * | |
| nvidia | jetson_agx_xavier_16gb | - | |
| nvidia | jetson_agx_xavier_32gb | - | |
| nvidia | jetson_agx_xavier_8gb | - | |
| nvidia | jetson_tx2 | - | |
| nvidia | jetson_tx2_4gb | - | |
| nvidia | jetson_tx2_nx | - | |
| nvidia | jetson_tx2i | - | |
| nvidia | jetson_xavier_nx | - | |
| nvidia | jetson_xavier_nx | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*", matchCriteriaId: "E8941F71-0292-414E-AEA5-DD55EA3C2009", versionEndExcluding: "32.5.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*", matchCriteriaId: "E0E081CB-B6EC-42DC-BA04-BCA13C17D190", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*", matchCriteriaId: "4F92D471-8E65-41FC-A5DE-255136F6F989", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*", matchCriteriaId: "E29459F7-997A-4B87-9164-6E3B5158ADC3", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*", matchCriteriaId: "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*", matchCriteriaId: "71994F94-5279-4107-99F5-48990AE0C686", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "64C3FB58-08AA-4FE4-97BE-21B254BA229F", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*", matchCriteriaId: "5DF55ABB-1B4F-452E-9D84-C01A638F88A0", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:developer_kit:*:*:*:*:*", matchCriteriaId: "3E54B955-F0E2-44BD-9B8C-3C788BBCF2A9", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:production:*:*:*:*:*", matchCriteriaId: "3E0C93C3-26F6-48E4-BADA-4DB05A7BA9D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Bootloader contains a vulnerability in NVIDIA MB2, which may cause free-the-wrong-heap, which may lead to limited denial of service.", }, { lang: "es", value: "El cargador de arranque contiene una vulnerabilidad en NVIDIA MB2, que puede causar un fallo de tipo free-the-wrong-heap, lo que podría conllevar a una denegación de servicio limitada", }, ], id: "CVE-2021-34397", lastModified: "2024-11-21T06:10:18.840", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 2.1, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 1.9, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 0.5, impactScore: 1.4, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 2.3, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-06-22T22:15:09.457", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-08-11 22:15
Modified
2024-11-21 05:43
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
NVIDIA Linux kernel distributions contain a vulnerability in nvmap, where a null pointer dereference may lead to complete denial of service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_linux | * | |
| nvidia | jetson_agx_xavier | - | |
| nvidia | jetson_nano | - | |
| nvidia | jetson_nano_2gb | - | |
| nvidia | jetson_tx1 | - | |
| nvidia | jetson_tx2 | - | |
| nvidia | jetson_tx2_nx | - | |
| nvidia | jetson_xavier_nx | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*", matchCriteriaId: "9E69A431-2B5A-4718-BCD2-CA2D1077641B", versionEndExcluding: "32.6.1", versionStartIncluding: "32.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier:-:*:*:*:*:*:*:*", matchCriteriaId: "5DD3D2AA-2A9F-470D-BB0F-A7B7C2EC2490", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_nano:-:*:*:*:*:*:*:*", matchCriteriaId: "2B2B041F-21A8-4F0B-BBAF-7CDD8B911547", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_nano_2gb:-:*:*:*:*:*:*:*", matchCriteriaId: "52E153CA-BE89-4C66-8B72-8901BF592423", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*", matchCriteriaId: "86D1FDAD-C594-43D9-9BF6-F7461177AB91", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*", matchCriteriaId: "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "64C3FB58-08AA-4FE4-97BE-21B254BA229F", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "B0AA5976-FD71-4A53-BD4F-D342E871FEB0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "NVIDIA Linux kernel distributions contain a vulnerability in nvmap, where a null pointer dereference may lead to complete denial of service.", }, { lang: "es", value: "Las distribuciones del kernel de Linux de NVIDIA contienen una vulnerabilidad en nvmap, donde una desreferencia del puntero null puede conllevar a una denegación de servicio completa", }, ], id: "CVE-2021-1112", lastModified: "2024-11-21T05:43:37.277", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 4.9, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-08-11T22:15:08.397", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5216", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5216", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-11-20 15:15
Modified
2024-11-21 05:43
Severity ?
4.1 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to access debug registers during runtime, which may lead to information disclosure.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:dgx-1_p100:-:*:*:*:*:*:*:*", matchCriteriaId: "47EAF1F2-41D7-4F6F-A6F4-CDC36F544204", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:dgx-1_v100:-:*:*:*:*:*:*:*", matchCriteriaId: "CBFD6294-13E6-4615-8BB0-7863CC5E62B4", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:dgx-2:-:*:*:*:*:*:*:*", matchCriteriaId: "2578180E-CD9E-4D45-B092-CEFDC3653878", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:dgx_station_a100:-:*:*:*:*:*:*:*", matchCriteriaId: "96A05233-855C-4099-BF73-0D04F8F58A44", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:drive_constellation:-:*:*:*:*:*:*:*", matchCriteriaId: "36517415-0642-4DF2-9CAF-CC73DFD301D3", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_605:-:*:*:*:*:*:*:*", matchCriteriaId: "6A6FE1DB-4930-46B5-868D-4445EF312A33", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_610:-:*:*:*:*:*:*:*", matchCriteriaId: "B600A94B-877D-42BA-B4F7-360198F3ECF6", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_620:-:*:*:*:*:*:*:*", matchCriteriaId: "36438CBB-37FB-455B-AE50-D68726E092BD", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_625:-:*:*:*:*:*:*:*", matchCriteriaId: "EC98A0F7-89B0-4BE0-A6EE-58EA39781E53", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_630:-:*:*:*:*:*:*:*", matchCriteriaId: "0B8C2CAC-B37E-47AD-AF02-C6BF5952DF87", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_635:-:*:*:*:*:*:*:*", matchCriteriaId: "635D27CF-65F3-4166-867E-7FD25EEE5303", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_640:-:*:*:*:*:*:*:*", matchCriteriaId: "95DB79D1-C580-4A62-B177-7E47737147F9", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_705:-:*:*:*:*:*:*:*", matchCriteriaId: "0225FE8D-16A7-4400-94F2-CE857D2255C7", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*", matchCriteriaId: "1B72BBAC-CEBD-4405-B1EC-7535794FF5EB", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_720:-:*:*:*:*:*:*:*", matchCriteriaId: "BCC9048C-F848-48AD-BD5D-59D36E684949", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*", matchCriteriaId: "A2C9365F-B4A5-4EA2-917B-2F07457017EB", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_740:-:*:*:*:*:*:*:*", matchCriteriaId: "21FE9995-2F38-4257-9FE1-2495D05D1993", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*", matchCriteriaId: "D835EE77-6031-40D6-8305-F962F42E7018", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1050_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "49C8D547-A817-4A62-9045-789843998A18", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*", matchCriteriaId: "F0ED6F8E-1F82-4C50-9EEF-A5F58DB440AD", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*", matchCriteriaId: "E884CEDD-CAA5-489D-A526-B628BB3DE460", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1070_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "73F427BC-F15D-443D-B7F8-B0BB0C52C427", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*", matchCriteriaId: "9E3455DE-4408-4603-86B2-5ECE76ED459C", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1080_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "57CA2FAC-9170-4E68-B6A6-E2CD9CCF0600", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1650:-:*:*:*:*:*:*:*", matchCriteriaId: "2E8B18CF-58CF-48C8-A4AE-F6922E215E5C", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1650_super:-:*:*:*:*:*:*:*", matchCriteriaId: "FD84C049-7F87-4C92-9FCB-7BD7382E25E9", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1660:-:*:*:*:*:*:*:*", matchCriteriaId: "573887F7-E422-48AA-8205-56166D81536C", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1660_super:-:*:*:*:*:*:*:*", matchCriteriaId: "DA37A3BB-35DF-4863-9A95-29B631587DB0", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1660_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "D3913E75-6B38-498F-9C6A-A4A8B752D5BC", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_645:-:*:*:*:*:*:*:*", matchCriteriaId: "C519FF2F-0AE9-4290-8115-F60EB9B830C3", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_650:-:*:*:*:*:*:*:*", matchCriteriaId: "0D0E7C6F-C42F-40E1-9DF1-2ED17938DCC1", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_650_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "3A978D1E-BD96-4534-83FE-434F0157AB54", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_650_ti_boost:-:*:*:*:*:*:*:*", matchCriteriaId: "0FCD9648-DA33-4F4F-9AC7-7FB826205729", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_660:-:*:*:*:*:*:*:*", matchCriteriaId: "89B38FD5-B548-4BF7-8E35-37701320569C", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_660_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "7AD0960F-EBEF-4876-8DC6-7B42B799105F", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_670:-:*:*:*:*:*:*:*", matchCriteriaId: "4A4F5E65-0E6F-47FD-8E5B-D00D5F82D467", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_680:-:*:*:*:*:*:*:*", matchCriteriaId: "07F9F2F5-AE1B-4BE5-8D6B-D16967A208F2", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_690:-:*:*:*:*:*:*:*", matchCriteriaId: "8416729C-0339-4B1C-99AC-C132D45744C7", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_745:-:*:*:*:*:*:*:*", matchCriteriaId: "8E733A3A-347E-4147-89AE-9EEC9B4DB787", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_750:-:*:*:*:*:*:*:*", matchCriteriaId: "EDC42D37-5DDE-4545-A4B9-7701749C0982", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_750_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "7F2F1B32-CFEE-4417-843D-880302E4D6FF", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_760:-:*:*:*:*:*:*:*", matchCriteriaId: "B5176FD7-C3F6-4642-831C-1FE33D3E3B35", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_760_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "F61534DC-EA6D-42E8-9AE5-AE6420906318", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_770:-:*:*:*:*:*:*:*", matchCriteriaId: "530C2C04-A37D-442C-BB0E-BEA01864D73C", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_780:-:*:*:*:*:*:*:*", matchCriteriaId: "22A5378C-2395-4D23-BD06-0995C5637857", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_780_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "D651C50E-63D1-4FC6-8EEA-095E17A1342A", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_950:-:*:*:*:*:*:*:*", matchCriteriaId: "52379F40-A0B8-404F-8187-26D085F3568A", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_960:-:*:*:*:*:*:*:*", matchCriteriaId: "29D0D308-1A59-4D8C-930C-2B480E718FB2", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_970:-:*:*:*:*:*:*:*", matchCriteriaId: "B957ED4F-2A0E-4E6E-AF06-CC09722A4008", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_980:-:*:*:*:*:*:*:*", matchCriteriaId: "280BE7CC-3E8C-4630-BDA3-CFC409C2E5A2", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_titan_x:-:*:*:*:*:*:*:*", matchCriteriaId: "5A7ED258-77DC-45FA-B6AE-B9310049ECDE", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_rtx_2060:-:*:*:*:*:*:*:*", matchCriteriaId: "B5743279-2E97-4D92-A43B-732B9AE0979C", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_rtx_2060_super:-:*:*:*:*:*:*:*", matchCriteriaId: "A54F1D17-30C3-4912-858B-B656AE636C58", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_rtx_2070:-:*:*:*:*:*:*:*", matchCriteriaId: "9472E1FC-B22D-437B-A62E-9476A903F2BC", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_rtx_2070_super:-:*:*:*:*:*:*:*", matchCriteriaId: "483E83C0-FD09-4473-8036-A2E1C362A2E0", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_rtx_2080:-:*:*:*:*:*:*:*", matchCriteriaId: "88DEB01F-0C63-4EA1-878A-2DC9701DAA41", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_rtx_2080_super:-:*:*:*:*:*:*:*", matchCriteriaId: "633AB383-A5D6-4F0F-A973-FE777117A856", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_rtx_2080_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "0BF0DE98-5862-4738-A8D5-06C9599B5317", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:gtx_titan:-:*:*:*:*:*:*:*", matchCriteriaId: "114895F2-AE45-4A46-BCFF-FD7C2573D88B", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:gtx_titan_black:-:*:*:*:*:*:*:*", matchCriteriaId: "E4A83155-9EA1-4F67-803F-3F8F692C6729", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:gtx_titan_z:-:*:*:*:*:*:*:*", matchCriteriaId: "FED1874A-9E4B-4725-A130-6CA872D491CA", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*", matchCriteriaId: "E0E081CB-B6EC-42DC-BA04-BCA13C17D190", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*", matchCriteriaId: "4F92D471-8E65-41FC-A5DE-255136F6F989", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*", matchCriteriaId: "E29459F7-997A-4B87-9164-6E3B5158ADC3", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_nano:-:*:*:*:*:*:*:*", matchCriteriaId: "2B2B041F-21A8-4F0B-BBAF-7CDD8B911547", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_nano:-:*:-:*:*:*:*:*", matchCriteriaId: "9244F123-8518-4D81-AD26-5695F27F413B", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_nano:-:*:developer_kit:*:*:*:*:*", matchCriteriaId: "80BF53A0-8FDF-4827-9C00-ED082C4A68C7", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*", matchCriteriaId: "86D1FDAD-C594-43D9-9BF6-F7461177AB91", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*", matchCriteriaId: "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*", matchCriteriaId: "71994F94-5279-4107-99F5-48990AE0C686", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "64C3FB58-08AA-4FE4-97BE-21B254BA229F", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*", matchCriteriaId: "5DF55ABB-1B4F-452E-9D84-C01A638F88A0", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "B0AA5976-FD71-4A53-BD4F-D342E871FEB0", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:developer_kit:*:*:*:*:*", matchCriteriaId: "3E54B955-F0E2-44BD-9B8C-3C788BBCF2A9", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:production:*:*:*:*:*", matchCriteriaId: "3E0C93C3-26F6-48E4-BADA-4DB05A7BA9D1", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:nvidia_hgx-2:-:*:*:*:*:*:*:*", matchCriteriaId: "9D697CF9-CBAE-4E29-AA3C-50FEDEB4F20E", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:nvidia_t1000:-:*:*:*:*:*:*:*", matchCriteriaId: "284CDDF2-12D5-4A35-9A1F-496E9112F798", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:nvidia_t2000:-:*:*:*:*:*:*:*", matchCriteriaId: "98CD730F-BBB7-4EE0-93B5-88555B9494B7", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:nvidia_t4:-:*:*:*:*:*:*:*", matchCriteriaId: "1292795D-A6ED-40D6-BE2D-D396909C5D59", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:nvidia_t400:-:*:*:*:*:*:*:*", matchCriteriaId: "80AA0372-BA25-4C5E-B464-13AB660D1D98", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:nvidia_t600:-:*:*:*:*:*:*:*", matchCriteriaId: "F6A7C069-DE2C-4390-8B2C-8A3175D692F7", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_gv100:-:*:*:*:*:*:*:*", matchCriteriaId: "A30CCD00-60D7-42B5-B88C-AF2BD81B796F", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*", matchCriteriaId: "3896B47E-8787-45D2-96B3-BF4892780F35", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m1200:-:*:*:*:*:*:*:*", matchCriteriaId: "A1E9293F-C51A-40B0-9461-83A31366C8C5", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*", matchCriteriaId: "316C9573-7C7D-4429-8563-B74FD752AC51", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*", matchCriteriaId: "6FEC13EF-BB2F-4ED2-BC8B-8234ABAEEE02", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2200:-:*:*:*:*:*:*:*", matchCriteriaId: "E607C924-1682-4348-B6BF-31912E3A3D13", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*", matchCriteriaId: "B5E13B65-F61B-44D4-B1D7-1E96D9CB45BD", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*", matchCriteriaId: "76ABA317-6621-4D57-874F-307451EC9C2E", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*", matchCriteriaId: "477D72B5-A3EA-440A-B495-8A09E8564E8D", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*", matchCriteriaId: "F2B507EE-F005-4806-A8FC-8C8D9A31B0DB", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*", matchCriteriaId: "DAD67DC6-AA36-4F93-B8DB-77EB8C153BCA", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*", matchCriteriaId: "E707A80B-6482-47DD-8BF3-6E58BC2C697A", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m520:-:*:*:*:*:*:*:*", matchCriteriaId: "2F5E94B4-0DF1-4F79-87A0-C90A6131091B", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*", matchCriteriaId: "0E8D2AC7-DC75-4BBA-BF4E-58BF88B49B11", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*", matchCriteriaId: "ED233BC3-6982-41E1-9205-5159C17A4A56", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*", matchCriteriaId: "7C186F38-89C7-4616-A424-201804F842C9", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m620:-:*:*:*:*:*:*:*", matchCriteriaId: "DB2D3A4D-0C03-402F-BB8A-2DE5AE14FDA5", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p1000:-:*:*:*:*:*:*:*", matchCriteriaId: "DFB1F23E-99C5-4FBC-9E9C-8AD8A05AE8C8", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p2000:-:*:*:*:*:*:*:*", matchCriteriaId: "05069DB9-7DD0-4FF1-8D98-8DC3A0B2AF77", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p2200:-:*:*:*:*:*:*:*", matchCriteriaId: "02BC9134-0188-4F79-BAB6-77409617D752", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p3000:-:*:*:*:*:*:*:*", matchCriteriaId: "BC64DC02-91A7-4E10-9023-6932A4A14D77", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p3200:-:*:*:*:*:*:*:*", matchCriteriaId: "C91BB45E-C2BF-4B48-892B-82EF5710AA7E", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p400:-:*:*:*:*:*:*:*", matchCriteriaId: "5E7CC54F-15FE-4ED8-AA5D-900AAFFAEEC6", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p4000:-:*:*:*:*:*:*:*", matchCriteriaId: "8FBB9DDD-963E-4B10-B0BC-99588C82969F", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p4200:-:*:*:*:*:*:*:*", matchCriteriaId: "CECB5A97-0088-4ACD-9A9C-964D4C3DE699", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p500:-:*:*:*:*:*:*:*", matchCriteriaId: "4E57FD81-AC93-49BE-B0E1-FB5699CE7A52", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*", matchCriteriaId: "DCDC421C-3B8F-4EAA-A2D4-14C14CD7F3DB", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p520:-:*:*:*:*:*:*:*", matchCriteriaId: "453E0F78-7B35-42B2-B5FA-43ACE9F7602A", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p5200:-:*:*:*:*:*:*:*", matchCriteriaId: "004D6C59-E6C9-4E0E-BBA8-8E3AD0F0BC1F", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p600:-:*:*:*:*:*:*:*", matchCriteriaId: "BC5FA1F3-5D7E-4085-B5D3-D86CF5A6E412", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*", matchCriteriaId: "60176B23-2751-4415-A0D3-DF1BE640F6C3", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p620:-:*:*:*:*:*:*:*", matchCriteriaId: "3F9219FD-849D-4A0A-97F0-85492B4B2189", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_rtx_3000:-:*:*:*:*:*:*:*", matchCriteriaId: "7F4AB1BC-2B82-4C12-96B0-B269462032B3", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_rtx_4000:-:*:*:*:*:*:*:*", matchCriteriaId: "323643CB-D03C-47D1-9FAF-0A5C0777DF61", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_rtx_5000:-:*:*:*:*:*:*:*", matchCriteriaId: "A5175F77-1E61-4296-AFDD-F00D1C0B5560", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_rtx_6000:-:*:*:*:*:*:*:*", matchCriteriaId: "F06F4994-5EDF-4652-B673-4F90907994DE", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_rtx_8000:-:*:*:*:*:*:*:*", matchCriteriaId: "66216B9A-F79D-4681-BBC4-6F5D80A3E5EE", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_t1000:-:*:*:*:*:*:*:*", matchCriteriaId: "33D439F5-86EC-47FC-826A-229C028EB149", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_t2000:-:*:*:*:*:*:*:*", matchCriteriaId: "CD476101-4981-46F9-9898-717701C0CAE0", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_t400:-:*:*:*:*:*:*:*", matchCriteriaId: "85351FD4-28CD-4392-B154-90E4DE270F7F", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_t600:-:*:*:*:*:*:*:*", matchCriteriaId: "109B8099-C1AD-4695-877A-13B4301FEBB7", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:shield_tv:-:*:*:*:*:*:*:*", matchCriteriaId: "49F85C44-6B7E-4B7C-AC8D-9D5727DFA0B8", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:shield_tv_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "76300BC2-B496-4B4D-979B-6C56F590449A", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_m10:-:*:*:*:*:*:*:*", matchCriteriaId: "343850DA-E975-467A-99A2-852E24135DD2", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_m4:-:*:*:*:*:*:*:*", matchCriteriaId: "B8C459A6-EE1D-482F-BC23-866836870512", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_m40:-:*:*:*:*:*:*:*", matchCriteriaId: "A6DDBF7C-C346-4515-AD0D-922E7E2F09E8", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_m6:-:*:*:*:*:*:*:*", matchCriteriaId: "2E92C2C2-1CF7-4531-B431-D67BF6049635", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_m60:-:*:*:*:*:*:*:*", matchCriteriaId: "44B63168-6671-4D31-A984-B0A0F71CB799", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_p100:-:*:*:*:*:*:*:*", matchCriteriaId: "6299665D-182A-4F2C-B451-1103B943CAE2", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_p4:-:*:*:*:*:*:*:*", matchCriteriaId: "EDCAD45A-986C-42AE-80F6-728E9427187C", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_p40:-:*:*:*:*:*:*:*", matchCriteriaId: "B4D9D634-1F0C-49A7-B680-24423CA6468E", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_p6:-:*:*:*:*:*:*:*", matchCriteriaId: "656DD5D8-A9DC-4A18-A444-C1D73580C6E9", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_v100:-:*:*:*:*:*:*:*", matchCriteriaId: "B2CC382C-4F8D-471B-B525-DE28D60E14EF", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_v100s:-:*:*:*:*:*:*:*", matchCriteriaId: "E5E8719D-831E-4703-9989-A33782F4FFBE", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:titan_rtx:-:*:*:*:*:*:*:*", matchCriteriaId: "C494A0AF-5DBF-47BE-8156-3CB876BAE779", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:titan_v:-:*:*:*:*:*:*:*", matchCriteriaId: "8751F9FE-920A-4438-B0E3-F6F493B1B72C", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*", matchCriteriaId: "2FABA79A-A70A-40A5-ADA7-893EAB42FE9E", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:titan_xp:-:*:*:*:*:*:*:*", matchCriteriaId: "0C9A97E1-2F0F-495D-97E8-0538AAC066EE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", matchCriteriaId: "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", vulnerable: false, }, { criteria: "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", matchCriteriaId: "A2572D17-1DE6-457B-99CC-64AFD54487EA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to access debug registers during runtime, which may lead to information disclosure.", }, { lang: "es", value: "La GPU NVIDIA y el hardware Tegra contienen una vulnerabilidad en el microcontrolador interno que puede permitir a un usuario con altos privilegios acceder a los registros de depuración durante el tiempo de ejecución, que puede conllevar a una divulgación de información", }, ], id: "CVE-2021-1105", lastModified: "2024-11-21T05:43:36.420", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.1, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 0.5, impactScore: 3.6, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-11-20T15:15:07.743", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5263", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5263", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-06-30 11:15
Modified
2024-11-21 06:10
Severity ?
6.3 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Bootloader contains a vulnerability in NVIDIA MB2 where a potential heap overflow could cause memory corruption, which might lead to denial of service or code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_linux | * | |
| nvidia | jetson_agx_xavier_16gb | - | |
| nvidia | jetson_agx_xavier_32gb | - | |
| nvidia | jetson_agx_xavier_8gb | - | |
| nvidia | jetson_tx2 | - | |
| nvidia | jetson_tx2_4gb | - | |
| nvidia | jetson_tx2_nx | - | |
| nvidia | jetson_tx2i | - | |
| nvidia | jetson_xavier_nx | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*", matchCriteriaId: "E8941F71-0292-414E-AEA5-DD55EA3C2009", versionEndExcluding: "32.5.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*", matchCriteriaId: "E0E081CB-B6EC-42DC-BA04-BCA13C17D190", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*", matchCriteriaId: "4F92D471-8E65-41FC-A5DE-255136F6F989", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*", matchCriteriaId: "E29459F7-997A-4B87-9164-6E3B5158ADC3", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*", matchCriteriaId: "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*", matchCriteriaId: "71994F94-5279-4107-99F5-48990AE0C686", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "64C3FB58-08AA-4FE4-97BE-21B254BA229F", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*", matchCriteriaId: "5DF55ABB-1B4F-452E-9D84-C01A638F88A0", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "B0AA5976-FD71-4A53-BD4F-D342E871FEB0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Bootloader contains a vulnerability in NVIDIA MB2 where a potential heap overflow could cause memory corruption, which might lead to denial of service or code execution.", }, { lang: "es", value: "El cargador de arranque contiene una vulnerabilidad en NVIDIA MB2 donde un potencial desbordamiento de pila podría causar una corrupción de memoria, lo que podría conllevar a una denegación de servicio o una ejecución de código", }, ], id: "CVE-2021-34384", lastModified: "2024-11-21T06:10:17.090", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, exploitabilityScore: 1, impactScore: 5.2, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-06-30T11:15:08.857", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-06-30 11:15
Modified
2024-11-21 06:10
Severity ?
7.7 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 11 is missing. Improper restriction of operations within the bounds of a memory buffer might lead to information disclosure, denial of service, or escalation of privileges.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_linux | * | |
| nvidia | jetson_agx_xavier_16gb | - | |
| nvidia | jetson_agx_xavier_32gb | - | |
| nvidia | jetson_agx_xavier_8gb | - | |
| nvidia | jetson_tx2 | - | |
| nvidia | jetson_tx2_4gb | - | |
| nvidia | jetson_tx2_nx | - | |
| nvidia | jetson_tx2i | - | |
| nvidia | jetson_xavier_nx | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*", matchCriteriaId: "E8941F71-0292-414E-AEA5-DD55EA3C2009", versionEndExcluding: "32.5.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*", matchCriteriaId: "E0E081CB-B6EC-42DC-BA04-BCA13C17D190", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*", matchCriteriaId: "4F92D471-8E65-41FC-A5DE-255136F6F989", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*", matchCriteriaId: "E29459F7-997A-4B87-9164-6E3B5158ADC3", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*", matchCriteriaId: "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*", matchCriteriaId: "71994F94-5279-4107-99F5-48990AE0C686", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "64C3FB58-08AA-4FE4-97BE-21B254BA229F", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*", matchCriteriaId: "5DF55ABB-1B4F-452E-9D84-C01A638F88A0", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "B0AA5976-FD71-4A53-BD4F-D342E871FEB0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 11 is missing. Improper restriction of operations within the bounds of a memory buffer might lead to information disclosure, denial of service, or escalation of privileges.", }, { lang: "es", value: "Trusty contiene una vulnerabilidad en el servicio HDCP TA donde falta la comprobación de límites en el comando 11. La restricción inapropiada de las operaciones dentro de los límites de un búfer de memoria podría conllevar a una divulgación de información, la denegación de servicio o la escalada de privilegios", }, ], id: "CVE-2021-34378", lastModified: "2024-11-21T06:10:16.290", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.1, impactScore: 6, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-06-30T11:15:08.503", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-08-11 22:15
Modified
2024-11-21 05:43
Severity ?
6.7 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H
6.7 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H
6.7 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H
Summary
Bootloader contains a vulnerability in the NV3P server where any user with physical access through USB can trigger an incorrect bounds check, which may lead to buffer overflow, resulting in limited information disclosure, limited data integrity, and denial of service across all components.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_linux | * | |
| nvidia | jetson_agx_xavier | - | |
| nvidia | jetson_tx2 | - | |
| nvidia | jetson_tx2_nx | - | |
| nvidia | jetson_xavier_nx | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*", matchCriteriaId: "9E69A431-2B5A-4718-BCD2-CA2D1077641B", versionEndExcluding: "32.6.1", versionStartIncluding: "32.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier:-:*:*:*:*:*:*:*", matchCriteriaId: "5DD3D2AA-2A9F-470D-BB0F-A7B7C2EC2490", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*", matchCriteriaId: "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "64C3FB58-08AA-4FE4-97BE-21B254BA229F", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "B0AA5976-FD71-4A53-BD4F-D342E871FEB0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Bootloader contains a vulnerability in the NV3P server where any user with physical access through USB can trigger an incorrect bounds check, which may lead to buffer overflow, resulting in limited information disclosure, limited data integrity, and denial of service across all components.", }, { lang: "es", value: "El gestor de arranque contiene una vulnerabilidad en el servidor NV3P en la que cualquier usuario con acceso físico a través de USB puede desencadenar una comprobación de límites incorrecta, lo que puede provocar un desbordamiento del búfer, dando lugar a una divulgación de información limitada, una integridad de datos limitada y una denegación de servicio en todos los componentes", }, ], id: "CVE-2021-1111", lastModified: "2024-11-21T05:43:37.157", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "PHYSICAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.3, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "PHYSICAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.3, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-08-11T22:15:08.327", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5216", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5216", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "psirt@nvidia.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-06-30 11:15
Modified
2024-11-21 06:10
Severity ?
7.7 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Trusty contains a vulnerability in all trusted applications (TAs) where the stack cookie was not randomized, which might result in stack-based buffer overflow, leading to denial of service, escalation of privileges, and information disclosure.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_linux | * | |
| nvidia | jetson_agx_xavier_16gb | - | |
| nvidia | jetson_agx_xavier_32gb | - | |
| nvidia | jetson_agx_xavier_8gb | - | |
| nvidia | jetson_tx2 | - | |
| nvidia | jetson_tx2_4gb | - | |
| nvidia | jetson_tx2_nx | - | |
| nvidia | jetson_tx2i | - | |
| nvidia | jetson_xavier_nx | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*", matchCriteriaId: "E8941F71-0292-414E-AEA5-DD55EA3C2009", versionEndExcluding: "32.5.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*", matchCriteriaId: "E0E081CB-B6EC-42DC-BA04-BCA13C17D190", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*", matchCriteriaId: "4F92D471-8E65-41FC-A5DE-255136F6F989", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*", matchCriteriaId: "E29459F7-997A-4B87-9164-6E3B5158ADC3", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*", matchCriteriaId: "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*", matchCriteriaId: "71994F94-5279-4107-99F5-48990AE0C686", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "64C3FB58-08AA-4FE4-97BE-21B254BA229F", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*", matchCriteriaId: "5DF55ABB-1B4F-452E-9D84-C01A638F88A0", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "B0AA5976-FD71-4A53-BD4F-D342E871FEB0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Trusty contains a vulnerability in all trusted applications (TAs) where the stack cookie was not randomized, which might result in stack-based buffer overflow, leading to denial of service, escalation of privileges, and information disclosure.", }, { lang: "es", value: "Trusty contiene una vulnerabilidad en todas las aplicaciones confiables (TAs) donde la cookie de la pila no fue aleatoria, lo que podría resultar en un desbordamiento del búfer en la región stack de la memoria, conllevando a una denegación de servicio, escalada de privilegios y divulgación de información", }, ], id: "CVE-2021-34375", lastModified: "2024-11-21T06:10:15.873", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.1, impactScore: 6, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-06-30T11:15:08.333", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-11-20 15:15
Modified
2024-11-21 05:43
Severity ?
4.1 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to utilize debug mechanisms with insufficient access control, which may lead to information disclosure.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:dgx-1_p100:-:*:*:*:*:*:*:*", matchCriteriaId: "47EAF1F2-41D7-4F6F-A6F4-CDC36F544204", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:dgx-1_v100:-:*:*:*:*:*:*:*", matchCriteriaId: "CBFD6294-13E6-4615-8BB0-7863CC5E62B4", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:dgx-2:-:*:*:*:*:*:*:*", matchCriteriaId: "2578180E-CD9E-4D45-B092-CEFDC3653878", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:dgx_station_a100:-:*:*:*:*:*:*:*", matchCriteriaId: "96A05233-855C-4099-BF73-0D04F8F58A44", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:drive_constellation:-:*:*:*:*:*:*:*", matchCriteriaId: "36517415-0642-4DF2-9CAF-CC73DFD301D3", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_605:-:*:*:*:*:*:*:*", matchCriteriaId: "6A6FE1DB-4930-46B5-868D-4445EF312A33", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_610:-:*:*:*:*:*:*:*", matchCriteriaId: "B600A94B-877D-42BA-B4F7-360198F3ECF6", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_620:-:*:*:*:*:*:*:*", matchCriteriaId: "36438CBB-37FB-455B-AE50-D68726E092BD", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_625:-:*:*:*:*:*:*:*", matchCriteriaId: "EC98A0F7-89B0-4BE0-A6EE-58EA39781E53", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_630:-:*:*:*:*:*:*:*", matchCriteriaId: "0B8C2CAC-B37E-47AD-AF02-C6BF5952DF87", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_635:-:*:*:*:*:*:*:*", matchCriteriaId: "635D27CF-65F3-4166-867E-7FD25EEE5303", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_640:-:*:*:*:*:*:*:*", matchCriteriaId: "95DB79D1-C580-4A62-B177-7E47737147F9", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_705:-:*:*:*:*:*:*:*", matchCriteriaId: "0225FE8D-16A7-4400-94F2-CE857D2255C7", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*", matchCriteriaId: "1B72BBAC-CEBD-4405-B1EC-7535794FF5EB", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_720:-:*:*:*:*:*:*:*", matchCriteriaId: "BCC9048C-F848-48AD-BD5D-59D36E684949", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*", matchCriteriaId: "A2C9365F-B4A5-4EA2-917B-2F07457017EB", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_740:-:*:*:*:*:*:*:*", matchCriteriaId: "21FE9995-2F38-4257-9FE1-2495D05D1993", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*", matchCriteriaId: "D835EE77-6031-40D6-8305-F962F42E7018", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1050_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "49C8D547-A817-4A62-9045-789843998A18", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*", matchCriteriaId: "F0ED6F8E-1F82-4C50-9EEF-A5F58DB440AD", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*", matchCriteriaId: "E884CEDD-CAA5-489D-A526-B628BB3DE460", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1070_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "73F427BC-F15D-443D-B7F8-B0BB0C52C427", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*", matchCriteriaId: "9E3455DE-4408-4603-86B2-5ECE76ED459C", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1080_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "57CA2FAC-9170-4E68-B6A6-E2CD9CCF0600", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1650:-:*:*:*:*:*:*:*", matchCriteriaId: "2E8B18CF-58CF-48C8-A4AE-F6922E215E5C", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1650_super:-:*:*:*:*:*:*:*", matchCriteriaId: "FD84C049-7F87-4C92-9FCB-7BD7382E25E9", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1660:-:*:*:*:*:*:*:*", matchCriteriaId: "573887F7-E422-48AA-8205-56166D81536C", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1660_super:-:*:*:*:*:*:*:*", matchCriteriaId: "DA37A3BB-35DF-4863-9A95-29B631587DB0", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1660_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "D3913E75-6B38-498F-9C6A-A4A8B752D5BC", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_645:-:*:*:*:*:*:*:*", matchCriteriaId: "C519FF2F-0AE9-4290-8115-F60EB9B830C3", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_650:-:*:*:*:*:*:*:*", matchCriteriaId: "0D0E7C6F-C42F-40E1-9DF1-2ED17938DCC1", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_650_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "3A978D1E-BD96-4534-83FE-434F0157AB54", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_650_ti_boost:-:*:*:*:*:*:*:*", matchCriteriaId: "0FCD9648-DA33-4F4F-9AC7-7FB826205729", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_660:-:*:*:*:*:*:*:*", matchCriteriaId: "89B38FD5-B548-4BF7-8E35-37701320569C", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_660_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "7AD0960F-EBEF-4876-8DC6-7B42B799105F", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_670:-:*:*:*:*:*:*:*", matchCriteriaId: "4A4F5E65-0E6F-47FD-8E5B-D00D5F82D467", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_680:-:*:*:*:*:*:*:*", matchCriteriaId: "07F9F2F5-AE1B-4BE5-8D6B-D16967A208F2", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_690:-:*:*:*:*:*:*:*", matchCriteriaId: "8416729C-0339-4B1C-99AC-C132D45744C7", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_745:-:*:*:*:*:*:*:*", matchCriteriaId: "8E733A3A-347E-4147-89AE-9EEC9B4DB787", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_750:-:*:*:*:*:*:*:*", matchCriteriaId: "EDC42D37-5DDE-4545-A4B9-7701749C0982", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_750_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "7F2F1B32-CFEE-4417-843D-880302E4D6FF", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_760:-:*:*:*:*:*:*:*", matchCriteriaId: "B5176FD7-C3F6-4642-831C-1FE33D3E3B35", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_760_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "F61534DC-EA6D-42E8-9AE5-AE6420906318", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_770:-:*:*:*:*:*:*:*", matchCriteriaId: "530C2C04-A37D-442C-BB0E-BEA01864D73C", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_780:-:*:*:*:*:*:*:*", matchCriteriaId: "22A5378C-2395-4D23-BD06-0995C5637857", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_780_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "D651C50E-63D1-4FC6-8EEA-095E17A1342A", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_950:-:*:*:*:*:*:*:*", matchCriteriaId: "52379F40-A0B8-404F-8187-26D085F3568A", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_960:-:*:*:*:*:*:*:*", matchCriteriaId: "29D0D308-1A59-4D8C-930C-2B480E718FB2", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_970:-:*:*:*:*:*:*:*", matchCriteriaId: "B957ED4F-2A0E-4E6E-AF06-CC09722A4008", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_980:-:*:*:*:*:*:*:*", matchCriteriaId: "280BE7CC-3E8C-4630-BDA3-CFC409C2E5A2", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_titan_x:-:*:*:*:*:*:*:*", matchCriteriaId: "5A7ED258-77DC-45FA-B6AE-B9310049ECDE", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_rtx_2060:-:*:*:*:*:*:*:*", matchCriteriaId: "B5743279-2E97-4D92-A43B-732B9AE0979C", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_rtx_2060_super:-:*:*:*:*:*:*:*", matchCriteriaId: "A54F1D17-30C3-4912-858B-B656AE636C58", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_rtx_2070:-:*:*:*:*:*:*:*", matchCriteriaId: "9472E1FC-B22D-437B-A62E-9476A903F2BC", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_rtx_2070_super:-:*:*:*:*:*:*:*", matchCriteriaId: "483E83C0-FD09-4473-8036-A2E1C362A2E0", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_rtx_2080:-:*:*:*:*:*:*:*", matchCriteriaId: "88DEB01F-0C63-4EA1-878A-2DC9701DAA41", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_rtx_2080_super:-:*:*:*:*:*:*:*", matchCriteriaId: "633AB383-A5D6-4F0F-A973-FE777117A856", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_rtx_2080_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "0BF0DE98-5862-4738-A8D5-06C9599B5317", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:gtx_titan:-:*:*:*:*:*:*:*", matchCriteriaId: "114895F2-AE45-4A46-BCFF-FD7C2573D88B", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:gtx_titan_black:-:*:*:*:*:*:*:*", matchCriteriaId: "E4A83155-9EA1-4F67-803F-3F8F692C6729", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:gtx_titan_z:-:*:*:*:*:*:*:*", matchCriteriaId: "FED1874A-9E4B-4725-A130-6CA872D491CA", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*", matchCriteriaId: "E0E081CB-B6EC-42DC-BA04-BCA13C17D190", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*", matchCriteriaId: "4F92D471-8E65-41FC-A5DE-255136F6F989", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*", matchCriteriaId: "E29459F7-997A-4B87-9164-6E3B5158ADC3", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_nano:-:*:*:*:*:*:*:*", matchCriteriaId: "2B2B041F-21A8-4F0B-BBAF-7CDD8B911547", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_nano:-:*:-:*:*:*:*:*", matchCriteriaId: "9244F123-8518-4D81-AD26-5695F27F413B", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_nano:-:*:developer_kit:*:*:*:*:*", matchCriteriaId: "80BF53A0-8FDF-4827-9C00-ED082C4A68C7", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*", matchCriteriaId: "86D1FDAD-C594-43D9-9BF6-F7461177AB91", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*", matchCriteriaId: "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*", matchCriteriaId: "71994F94-5279-4107-99F5-48990AE0C686", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "64C3FB58-08AA-4FE4-97BE-21B254BA229F", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*", matchCriteriaId: "5DF55ABB-1B4F-452E-9D84-C01A638F88A0", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "B0AA5976-FD71-4A53-BD4F-D342E871FEB0", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:developer_kit:*:*:*:*:*", matchCriteriaId: "3E54B955-F0E2-44BD-9B8C-3C788BBCF2A9", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:production:*:*:*:*:*", matchCriteriaId: "3E0C93C3-26F6-48E4-BADA-4DB05A7BA9D1", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:nvidia_hgx-2:-:*:*:*:*:*:*:*", matchCriteriaId: "9D697CF9-CBAE-4E29-AA3C-50FEDEB4F20E", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:nvidia_t1000:-:*:*:*:*:*:*:*", matchCriteriaId: "284CDDF2-12D5-4A35-9A1F-496E9112F798", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:nvidia_t2000:-:*:*:*:*:*:*:*", matchCriteriaId: "98CD730F-BBB7-4EE0-93B5-88555B9494B7", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:nvidia_t4:-:*:*:*:*:*:*:*", matchCriteriaId: "1292795D-A6ED-40D6-BE2D-D396909C5D59", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:nvidia_t400:-:*:*:*:*:*:*:*", matchCriteriaId: "80AA0372-BA25-4C5E-B464-13AB660D1D98", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:nvidia_t600:-:*:*:*:*:*:*:*", matchCriteriaId: "F6A7C069-DE2C-4390-8B2C-8A3175D692F7", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_gv100:-:*:*:*:*:*:*:*", matchCriteriaId: "A30CCD00-60D7-42B5-B88C-AF2BD81B796F", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*", matchCriteriaId: "3896B47E-8787-45D2-96B3-BF4892780F35", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m1200:-:*:*:*:*:*:*:*", matchCriteriaId: "A1E9293F-C51A-40B0-9461-83A31366C8C5", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*", matchCriteriaId: "316C9573-7C7D-4429-8563-B74FD752AC51", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*", matchCriteriaId: "6FEC13EF-BB2F-4ED2-BC8B-8234ABAEEE02", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2200:-:*:*:*:*:*:*:*", matchCriteriaId: "E607C924-1682-4348-B6BF-31912E3A3D13", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*", matchCriteriaId: "B5E13B65-F61B-44D4-B1D7-1E96D9CB45BD", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*", matchCriteriaId: "76ABA317-6621-4D57-874F-307451EC9C2E", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*", matchCriteriaId: "477D72B5-A3EA-440A-B495-8A09E8564E8D", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*", matchCriteriaId: "F2B507EE-F005-4806-A8FC-8C8D9A31B0DB", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*", matchCriteriaId: "DAD67DC6-AA36-4F93-B8DB-77EB8C153BCA", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*", matchCriteriaId: "E707A80B-6482-47DD-8BF3-6E58BC2C697A", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m520:-:*:*:*:*:*:*:*", matchCriteriaId: "2F5E94B4-0DF1-4F79-87A0-C90A6131091B", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*", matchCriteriaId: "0E8D2AC7-DC75-4BBA-BF4E-58BF88B49B11", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*", matchCriteriaId: "ED233BC3-6982-41E1-9205-5159C17A4A56", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*", matchCriteriaId: "7C186F38-89C7-4616-A424-201804F842C9", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m620:-:*:*:*:*:*:*:*", matchCriteriaId: "DB2D3A4D-0C03-402F-BB8A-2DE5AE14FDA5", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p1000:-:*:*:*:*:*:*:*", matchCriteriaId: "DFB1F23E-99C5-4FBC-9E9C-8AD8A05AE8C8", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p2000:-:*:*:*:*:*:*:*", matchCriteriaId: "05069DB9-7DD0-4FF1-8D98-8DC3A0B2AF77", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p2200:-:*:*:*:*:*:*:*", matchCriteriaId: "02BC9134-0188-4F79-BAB6-77409617D752", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p3000:-:*:*:*:*:*:*:*", matchCriteriaId: "BC64DC02-91A7-4E10-9023-6932A4A14D77", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p3200:-:*:*:*:*:*:*:*", matchCriteriaId: "C91BB45E-C2BF-4B48-892B-82EF5710AA7E", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p400:-:*:*:*:*:*:*:*", matchCriteriaId: "5E7CC54F-15FE-4ED8-AA5D-900AAFFAEEC6", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p4000:-:*:*:*:*:*:*:*", matchCriteriaId: "8FBB9DDD-963E-4B10-B0BC-99588C82969F", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p4200:-:*:*:*:*:*:*:*", matchCriteriaId: "CECB5A97-0088-4ACD-9A9C-964D4C3DE699", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p500:-:*:*:*:*:*:*:*", matchCriteriaId: "4E57FD81-AC93-49BE-B0E1-FB5699CE7A52", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*", matchCriteriaId: "DCDC421C-3B8F-4EAA-A2D4-14C14CD7F3DB", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p520:-:*:*:*:*:*:*:*", matchCriteriaId: "453E0F78-7B35-42B2-B5FA-43ACE9F7602A", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p5200:-:*:*:*:*:*:*:*", matchCriteriaId: "004D6C59-E6C9-4E0E-BBA8-8E3AD0F0BC1F", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p600:-:*:*:*:*:*:*:*", matchCriteriaId: "BC5FA1F3-5D7E-4085-B5D3-D86CF5A6E412", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*", matchCriteriaId: "60176B23-2751-4415-A0D3-DF1BE640F6C3", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p620:-:*:*:*:*:*:*:*", matchCriteriaId: "3F9219FD-849D-4A0A-97F0-85492B4B2189", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_rtx_3000:-:*:*:*:*:*:*:*", matchCriteriaId: "7F4AB1BC-2B82-4C12-96B0-B269462032B3", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_rtx_4000:-:*:*:*:*:*:*:*", matchCriteriaId: "323643CB-D03C-47D1-9FAF-0A5C0777DF61", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_rtx_5000:-:*:*:*:*:*:*:*", matchCriteriaId: "A5175F77-1E61-4296-AFDD-F00D1C0B5560", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_rtx_6000:-:*:*:*:*:*:*:*", matchCriteriaId: "F06F4994-5EDF-4652-B673-4F90907994DE", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_rtx_8000:-:*:*:*:*:*:*:*", matchCriteriaId: "66216B9A-F79D-4681-BBC4-6F5D80A3E5EE", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_t1000:-:*:*:*:*:*:*:*", matchCriteriaId: "33D439F5-86EC-47FC-826A-229C028EB149", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_t2000:-:*:*:*:*:*:*:*", matchCriteriaId: "CD476101-4981-46F9-9898-717701C0CAE0", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_t400:-:*:*:*:*:*:*:*", matchCriteriaId: "85351FD4-28CD-4392-B154-90E4DE270F7F", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_t600:-:*:*:*:*:*:*:*", matchCriteriaId: "109B8099-C1AD-4695-877A-13B4301FEBB7", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:shield_tv:-:*:*:*:*:*:*:*", matchCriteriaId: "49F85C44-6B7E-4B7C-AC8D-9D5727DFA0B8", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:shield_tv_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "76300BC2-B496-4B4D-979B-6C56F590449A", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_m10:-:*:*:*:*:*:*:*", matchCriteriaId: "343850DA-E975-467A-99A2-852E24135DD2", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_m4:-:*:*:*:*:*:*:*", matchCriteriaId: "B8C459A6-EE1D-482F-BC23-866836870512", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_m40:-:*:*:*:*:*:*:*", matchCriteriaId: "A6DDBF7C-C346-4515-AD0D-922E7E2F09E8", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_m6:-:*:*:*:*:*:*:*", matchCriteriaId: "2E92C2C2-1CF7-4531-B431-D67BF6049635", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_m60:-:*:*:*:*:*:*:*", matchCriteriaId: "44B63168-6671-4D31-A984-B0A0F71CB799", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_p100:-:*:*:*:*:*:*:*", matchCriteriaId: "6299665D-182A-4F2C-B451-1103B943CAE2", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_p4:-:*:*:*:*:*:*:*", matchCriteriaId: "EDCAD45A-986C-42AE-80F6-728E9427187C", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_p40:-:*:*:*:*:*:*:*", matchCriteriaId: "B4D9D634-1F0C-49A7-B680-24423CA6468E", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_p6:-:*:*:*:*:*:*:*", matchCriteriaId: "656DD5D8-A9DC-4A18-A444-C1D73580C6E9", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_v100:-:*:*:*:*:*:*:*", matchCriteriaId: "B2CC382C-4F8D-471B-B525-DE28D60E14EF", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_v100s:-:*:*:*:*:*:*:*", matchCriteriaId: "E5E8719D-831E-4703-9989-A33782F4FFBE", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:titan_rtx:-:*:*:*:*:*:*:*", matchCriteriaId: "C494A0AF-5DBF-47BE-8156-3CB876BAE779", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:titan_v:-:*:*:*:*:*:*:*", matchCriteriaId: "8751F9FE-920A-4438-B0E3-F6F493B1B72C", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*", matchCriteriaId: "2FABA79A-A70A-40A5-ADA7-893EAB42FE9E", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:titan_xp:-:*:*:*:*:*:*:*", matchCriteriaId: "0C9A97E1-2F0F-495D-97E8-0538AAC066EE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", matchCriteriaId: "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", vulnerable: false, }, { criteria: "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", matchCriteriaId: "A2572D17-1DE6-457B-99CC-64AFD54487EA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to utilize debug mechanisms with insufficient access control, which may lead to information disclosure.", }, { lang: "es", value: "La GPU NVIDIA y el hardware Tegra contienen una vulnerabilidad en el microcontrolador interno que puede permitir a un usuario con altos privilegios usar mecanismos de depuración con un control de acceso insuficiente, que puede conllevar a una divulgación de información", }, ], id: "CVE-2021-1088", lastModified: "2024-11-21T05:43:34.367", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.1, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 0.5, impactScore: 3.6, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-11-20T15:15:07.647", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5263", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5263", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-08-11 22:15
Modified
2024-11-21 05:43
Severity ?
4.7 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H
4.7 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H
4.7 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H
Summary
NVIDIA camera firmware contains a difficult to exploit vulnerability where a highly privileged attacker can cause unauthorized modification to camera resources, which may result in complete denial of service and partial loss of data integrity for all clients.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_linux | * | |
| nvidia | jetson_agx_xavier | - | |
| nvidia | jetson_nano | - | |
| nvidia | jetson_nano_2gb | - | |
| nvidia | jetson_tx1 | - | |
| nvidia | jetson_tx2 | - | |
| nvidia | jetson_tx2_nx | - | |
| nvidia | jetson_xavier_nx | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*", matchCriteriaId: "9E69A431-2B5A-4718-BCD2-CA2D1077641B", versionEndExcluding: "32.6.1", versionStartIncluding: "32.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier:-:*:*:*:*:*:*:*", matchCriteriaId: "5DD3D2AA-2A9F-470D-BB0F-A7B7C2EC2490", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_nano:-:*:*:*:*:*:*:*", matchCriteriaId: "2B2B041F-21A8-4F0B-BBAF-7CDD8B911547", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_nano_2gb:-:*:*:*:*:*:*:*", matchCriteriaId: "52E153CA-BE89-4C66-8B72-8901BF592423", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*", matchCriteriaId: "86D1FDAD-C594-43D9-9BF6-F7461177AB91", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*", matchCriteriaId: "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "64C3FB58-08AA-4FE4-97BE-21B254BA229F", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "B0AA5976-FD71-4A53-BD4F-D342E871FEB0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "NVIDIA camera firmware contains a difficult to exploit vulnerability where a highly privileged attacker can cause unauthorized modification to camera resources, which may result in complete denial of service and partial loss of data integrity for all clients.", }, { lang: "es", value: "El firmware de la cámara NVIDIA contiene una vulnerabilidad difícil de explotar en la que un atacante con muchos privilegios puede provocar una modificación no autorizada de los recursos de la cámara, lo que puede provocar una denegación de servicio completa y una pérdida parcial de la integridad de los datos para todos los clientes", }, ], id: "CVE-2021-1113", lastModified: "2024-11-21T05:43:37.387", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 5.4, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:M/Au:N/C:N/I:P/A:C", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 7.8, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H", version: "3.1", }, exploitabilityScore: 0.5, impactScore: 4.2, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H", version: "3.1", }, exploitabilityScore: 0.5, impactScore: 4.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-08-11T22:15:08.467", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5216", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5216", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-284", }, ], source: "psirt@nvidia.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-06-22 22:15
Modified
2024-11-21 06:10
Severity ?
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Trusty (the trusted OS produced by NVIDIA for Jetson devices) driver contains a vulnerability in the NVIDIA OTE protocol message parsing code where an integer overflow in a malloc() size calculation leads to a buffer overflow on the heap, which might result in information disclosure, escalation of privileges, and denial of service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_linux | * | |
| nvidia | jetson_agx_xavier_16gb | - | |
| nvidia | jetson_agx_xavier_32gb | - | |
| nvidia | jetson_agx_xavier_8gb | - | |
| nvidia | jetson_nano | - | |
| nvidia | jetson_nano | - | |
| nvidia | jetson_nano_2gb | - | |
| nvidia | jetson_tx1 | - | |
| nvidia | jetson_tx2 | - | |
| nvidia | jetson_tx2_4gb | - | |
| nvidia | jetson_tx2_nx | - | |
| nvidia | jetson_tx2i | - | |
| nvidia | jetson_xavier_nx | - | |
| nvidia | jetson_xavier_nx | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*", matchCriteriaId: "E8941F71-0292-414E-AEA5-DD55EA3C2009", versionEndExcluding: "32.5.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*", matchCriteriaId: "E0E081CB-B6EC-42DC-BA04-BCA13C17D190", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*", matchCriteriaId: "4F92D471-8E65-41FC-A5DE-255136F6F989", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*", matchCriteriaId: "E29459F7-997A-4B87-9164-6E3B5158ADC3", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_nano:-:*:-:*:*:*:*:*", matchCriteriaId: "9244F123-8518-4D81-AD26-5695F27F413B", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_nano:-:*:developer_kit:*:*:*:*:*", matchCriteriaId: "80BF53A0-8FDF-4827-9C00-ED082C4A68C7", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_nano_2gb:-:*:*:*:*:*:*:*", matchCriteriaId: "52E153CA-BE89-4C66-8B72-8901BF592423", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*", matchCriteriaId: "86D1FDAD-C594-43D9-9BF6-F7461177AB91", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*", matchCriteriaId: "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*", matchCriteriaId: "71994F94-5279-4107-99F5-48990AE0C686", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "64C3FB58-08AA-4FE4-97BE-21B254BA229F", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*", matchCriteriaId: "5DF55ABB-1B4F-452E-9D84-C01A638F88A0", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:developer_kit:*:*:*:*:*", matchCriteriaId: "3E54B955-F0E2-44BD-9B8C-3C788BBCF2A9", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:production:*:*:*:*:*", matchCriteriaId: "3E0C93C3-26F6-48E4-BADA-4DB05A7BA9D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Trusty (the trusted OS produced by NVIDIA for Jetson devices) driver contains a vulnerability in the NVIDIA OTE protocol message parsing code where an integer overflow in a malloc() size calculation leads to a buffer overflow on the heap, which might result in information disclosure, escalation of privileges, and denial of service.", }, { lang: "es", value: "El controlador Trusty (el Sistema Operativo confiable producido por NVIDIA para los dispositivos Jetson) contiene una vulnerabilidad en el código de análisis de mensajes del protocolo OTE de NVIDIA en la que un desbordamiento de enteros en el cálculo del tamaño de malloc() conlleva un desbordamiento del búfer en la pila, que puede resultar en una divulgación de información, escalada de privilegios y una denegación de servicio", }, ], id: "CVE-2021-34372", lastModified: "2024-11-21T06:10:15.447", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.5, impactScore: 6, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-06-22T22:15:08.947", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-06-30 11:15
Modified
2024-11-21 06:10
Severity ?
7.7 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 9 is missing. Improper restriction of operations within the bounds of a memory buffer might lead to escalation of privileges, information disclosure, and denial of service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_linux | * | |
| nvidia | jetson_agx_xavier_16gb | - | |
| nvidia | jetson_agx_xavier_32gb | - | |
| nvidia | jetson_agx_xavier_8gb | - | |
| nvidia | jetson_tx2 | - | |
| nvidia | jetson_tx2_4gb | - | |
| nvidia | jetson_tx2_nx | - | |
| nvidia | jetson_tx2i | - | |
| nvidia | jetson_xavier_nx | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*", matchCriteriaId: "E8941F71-0292-414E-AEA5-DD55EA3C2009", versionEndExcluding: "32.5.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*", matchCriteriaId: "E0E081CB-B6EC-42DC-BA04-BCA13C17D190", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*", matchCriteriaId: "4F92D471-8E65-41FC-A5DE-255136F6F989", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*", matchCriteriaId: "E29459F7-997A-4B87-9164-6E3B5158ADC3", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*", matchCriteriaId: "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*", matchCriteriaId: "71994F94-5279-4107-99F5-48990AE0C686", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "64C3FB58-08AA-4FE4-97BE-21B254BA229F", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*", matchCriteriaId: "5DF55ABB-1B4F-452E-9D84-C01A638F88A0", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "B0AA5976-FD71-4A53-BD4F-D342E871FEB0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 9 is missing. Improper restriction of operations within the bounds of a memory buffer might lead to escalation of privileges, information disclosure, and denial of service.", }, { lang: "es", value: "Trusty contiene una vulnerabilidad en el servicio HDCP TA donde falta la comprobación de límites en el comando 9. La restricción inapropiada de las operaciones dentro de los límites de un búfer de memoria podría conllevar a una escalada de privilegios, la divulgación de información y una denegación de servicio", }, ], id: "CVE-2021-34377", lastModified: "2024-11-21T06:10:16.150", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.1, impactScore: 6, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-06-30T11:15:08.447", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-11-20 15:15
Modified
2024-11-21 05:43
Severity ?
4.1 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
Summary
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to corrupt program data.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:dgx-1_p100:-:*:*:*:*:*:*:*", matchCriteriaId: "47EAF1F2-41D7-4F6F-A6F4-CDC36F544204", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:dgx-1_v100:-:*:*:*:*:*:*:*", matchCriteriaId: "CBFD6294-13E6-4615-8BB0-7863CC5E62B4", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:dgx-2:-:*:*:*:*:*:*:*", matchCriteriaId: "2578180E-CD9E-4D45-B092-CEFDC3653878", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:dgx_station_a100:-:*:*:*:*:*:*:*", matchCriteriaId: "96A05233-855C-4099-BF73-0D04F8F58A44", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_605:-:*:*:*:*:*:*:*", matchCriteriaId: "6A6FE1DB-4930-46B5-868D-4445EF312A33", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_610:-:*:*:*:*:*:*:*", matchCriteriaId: "B600A94B-877D-42BA-B4F7-360198F3ECF6", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_620:-:*:*:*:*:*:*:*", matchCriteriaId: "36438CBB-37FB-455B-AE50-D68726E092BD", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_625:-:*:*:*:*:*:*:*", matchCriteriaId: "EC98A0F7-89B0-4BE0-A6EE-58EA39781E53", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_630:-:*:*:*:*:*:*:*", matchCriteriaId: "0B8C2CAC-B37E-47AD-AF02-C6BF5952DF87", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_635:-:*:*:*:*:*:*:*", matchCriteriaId: "635D27CF-65F3-4166-867E-7FD25EEE5303", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_640:-:*:*:*:*:*:*:*", matchCriteriaId: "95DB79D1-C580-4A62-B177-7E47737147F9", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_705:-:*:*:*:*:*:*:*", matchCriteriaId: "0225FE8D-16A7-4400-94F2-CE857D2255C7", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*", matchCriteriaId: "1B72BBAC-CEBD-4405-B1EC-7535794FF5EB", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_720:-:*:*:*:*:*:*:*", matchCriteriaId: "BCC9048C-F848-48AD-BD5D-59D36E684949", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*", matchCriteriaId: "A2C9365F-B4A5-4EA2-917B-2F07457017EB", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_740:-:*:*:*:*:*:*:*", matchCriteriaId: "21FE9995-2F38-4257-9FE1-2495D05D1993", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*", matchCriteriaId: "D835EE77-6031-40D6-8305-F962F42E7018", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1050_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "49C8D547-A817-4A62-9045-789843998A18", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*", matchCriteriaId: "F0ED6F8E-1F82-4C50-9EEF-A5F58DB440AD", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*", matchCriteriaId: "E884CEDD-CAA5-489D-A526-B628BB3DE460", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1070_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "73F427BC-F15D-443D-B7F8-B0BB0C52C427", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*", matchCriteriaId: "9E3455DE-4408-4603-86B2-5ECE76ED459C", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1080_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "57CA2FAC-9170-4E68-B6A6-E2CD9CCF0600", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_645:-:*:*:*:*:*:*:*", matchCriteriaId: "C519FF2F-0AE9-4290-8115-F60EB9B830C3", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_650:-:*:*:*:*:*:*:*", matchCriteriaId: "0D0E7C6F-C42F-40E1-9DF1-2ED17938DCC1", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_650_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "3A978D1E-BD96-4534-83FE-434F0157AB54", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_650_ti_boost:-:*:*:*:*:*:*:*", matchCriteriaId: "0FCD9648-DA33-4F4F-9AC7-7FB826205729", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_660:-:*:*:*:*:*:*:*", matchCriteriaId: "89B38FD5-B548-4BF7-8E35-37701320569C", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_660_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "7AD0960F-EBEF-4876-8DC6-7B42B799105F", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_670:-:*:*:*:*:*:*:*", matchCriteriaId: "4A4F5E65-0E6F-47FD-8E5B-D00D5F82D467", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_680:-:*:*:*:*:*:*:*", matchCriteriaId: "07F9F2F5-AE1B-4BE5-8D6B-D16967A208F2", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_690:-:*:*:*:*:*:*:*", matchCriteriaId: "8416729C-0339-4B1C-99AC-C132D45744C7", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_745:-:*:*:*:*:*:*:*", matchCriteriaId: "8E733A3A-347E-4147-89AE-9EEC9B4DB787", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_750:-:*:*:*:*:*:*:*", matchCriteriaId: "EDC42D37-5DDE-4545-A4B9-7701749C0982", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_750_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "7F2F1B32-CFEE-4417-843D-880302E4D6FF", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_760:-:*:*:*:*:*:*:*", matchCriteriaId: "B5176FD7-C3F6-4642-831C-1FE33D3E3B35", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_760_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "F61534DC-EA6D-42E8-9AE5-AE6420906318", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_770:-:*:*:*:*:*:*:*", matchCriteriaId: "530C2C04-A37D-442C-BB0E-BEA01864D73C", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_780:-:*:*:*:*:*:*:*", matchCriteriaId: "22A5378C-2395-4D23-BD06-0995C5637857", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_780_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "D651C50E-63D1-4FC6-8EEA-095E17A1342A", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_950:-:*:*:*:*:*:*:*", matchCriteriaId: "52379F40-A0B8-404F-8187-26D085F3568A", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_960:-:*:*:*:*:*:*:*", matchCriteriaId: "29D0D308-1A59-4D8C-930C-2B480E718FB2", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_970:-:*:*:*:*:*:*:*", matchCriteriaId: "B957ED4F-2A0E-4E6E-AF06-CC09722A4008", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_980:-:*:*:*:*:*:*:*", matchCriteriaId: "280BE7CC-3E8C-4630-BDA3-CFC409C2E5A2", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_titan_x:-:*:*:*:*:*:*:*", matchCriteriaId: "5A7ED258-77DC-45FA-B6AE-B9310049ECDE", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:gtx_titan:-:*:*:*:*:*:*:*", matchCriteriaId: "114895F2-AE45-4A46-BCFF-FD7C2573D88B", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:gtx_titan_black:-:*:*:*:*:*:*:*", matchCriteriaId: "E4A83155-9EA1-4F67-803F-3F8F692C6729", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:gtx_titan_z:-:*:*:*:*:*:*:*", matchCriteriaId: "FED1874A-9E4B-4725-A130-6CA872D491CA", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*", matchCriteriaId: "E0E081CB-B6EC-42DC-BA04-BCA13C17D190", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*", matchCriteriaId: "4F92D471-8E65-41FC-A5DE-255136F6F989", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*", matchCriteriaId: "E29459F7-997A-4B87-9164-6E3B5158ADC3", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_nano:-:*:*:*:*:*:*:*", matchCriteriaId: "2B2B041F-21A8-4F0B-BBAF-7CDD8B911547", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_nano:-:*:-:*:*:*:*:*", matchCriteriaId: "9244F123-8518-4D81-AD26-5695F27F413B", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_nano:-:*:developer_kit:*:*:*:*:*", matchCriteriaId: "80BF53A0-8FDF-4827-9C00-ED082C4A68C7", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*", matchCriteriaId: "86D1FDAD-C594-43D9-9BF6-F7461177AB91", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*", matchCriteriaId: "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*", matchCriteriaId: "71994F94-5279-4107-99F5-48990AE0C686", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "64C3FB58-08AA-4FE4-97BE-21B254BA229F", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*", matchCriteriaId: "5DF55ABB-1B4F-452E-9D84-C01A638F88A0", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "B0AA5976-FD71-4A53-BD4F-D342E871FEB0", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:developer_kit:*:*:*:*:*", matchCriteriaId: "3E54B955-F0E2-44BD-9B8C-3C788BBCF2A9", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:production:*:*:*:*:*", matchCriteriaId: "3E0C93C3-26F6-48E4-BADA-4DB05A7BA9D1", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:nvidia_hgx-2:-:*:*:*:*:*:*:*", matchCriteriaId: "9D697CF9-CBAE-4E29-AA3C-50FEDEB4F20E", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_gv100:-:*:*:*:*:*:*:*", matchCriteriaId: "A30CCD00-60D7-42B5-B88C-AF2BD81B796F", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*", matchCriteriaId: "3896B47E-8787-45D2-96B3-BF4892780F35", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m1200:-:*:*:*:*:*:*:*", matchCriteriaId: "A1E9293F-C51A-40B0-9461-83A31366C8C5", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*", matchCriteriaId: "316C9573-7C7D-4429-8563-B74FD752AC51", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*", matchCriteriaId: "6FEC13EF-BB2F-4ED2-BC8B-8234ABAEEE02", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2200:-:*:*:*:*:*:*:*", matchCriteriaId: "E607C924-1682-4348-B6BF-31912E3A3D13", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*", matchCriteriaId: "B5E13B65-F61B-44D4-B1D7-1E96D9CB45BD", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*", matchCriteriaId: "76ABA317-6621-4D57-874F-307451EC9C2E", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*", matchCriteriaId: "477D72B5-A3EA-440A-B495-8A09E8564E8D", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*", matchCriteriaId: "F2B507EE-F005-4806-A8FC-8C8D9A31B0DB", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*", matchCriteriaId: "DAD67DC6-AA36-4F93-B8DB-77EB8C153BCA", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*", matchCriteriaId: "E707A80B-6482-47DD-8BF3-6E58BC2C697A", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m520:-:*:*:*:*:*:*:*", matchCriteriaId: "2F5E94B4-0DF1-4F79-87A0-C90A6131091B", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*", matchCriteriaId: "0E8D2AC7-DC75-4BBA-BF4E-58BF88B49B11", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*", matchCriteriaId: "ED233BC3-6982-41E1-9205-5159C17A4A56", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*", matchCriteriaId: "7C186F38-89C7-4616-A424-201804F842C9", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m620:-:*:*:*:*:*:*:*", matchCriteriaId: "DB2D3A4D-0C03-402F-BB8A-2DE5AE14FDA5", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p1000:-:*:*:*:*:*:*:*", matchCriteriaId: "DFB1F23E-99C5-4FBC-9E9C-8AD8A05AE8C8", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p2000:-:*:*:*:*:*:*:*", matchCriteriaId: "05069DB9-7DD0-4FF1-8D98-8DC3A0B2AF77", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p2200:-:*:*:*:*:*:*:*", matchCriteriaId: "02BC9134-0188-4F79-BAB6-77409617D752", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p3000:-:*:*:*:*:*:*:*", matchCriteriaId: "BC64DC02-91A7-4E10-9023-6932A4A14D77", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p3200:-:*:*:*:*:*:*:*", matchCriteriaId: "C91BB45E-C2BF-4B48-892B-82EF5710AA7E", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p400:-:*:*:*:*:*:*:*", matchCriteriaId: "5E7CC54F-15FE-4ED8-AA5D-900AAFFAEEC6", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p4000:-:*:*:*:*:*:*:*", matchCriteriaId: "8FBB9DDD-963E-4B10-B0BC-99588C82969F", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p4200:-:*:*:*:*:*:*:*", matchCriteriaId: "CECB5A97-0088-4ACD-9A9C-964D4C3DE699", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p500:-:*:*:*:*:*:*:*", matchCriteriaId: "4E57FD81-AC93-49BE-B0E1-FB5699CE7A52", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*", matchCriteriaId: "DCDC421C-3B8F-4EAA-A2D4-14C14CD7F3DB", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p520:-:*:*:*:*:*:*:*", matchCriteriaId: "453E0F78-7B35-42B2-B5FA-43ACE9F7602A", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p5200:-:*:*:*:*:*:*:*", matchCriteriaId: "004D6C59-E6C9-4E0E-BBA8-8E3AD0F0BC1F", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p600:-:*:*:*:*:*:*:*", matchCriteriaId: "BC5FA1F3-5D7E-4085-B5D3-D86CF5A6E412", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*", matchCriteriaId: "60176B23-2751-4415-A0D3-DF1BE640F6C3", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p620:-:*:*:*:*:*:*:*", matchCriteriaId: "3F9219FD-849D-4A0A-97F0-85492B4B2189", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:shield_tv:-:*:*:*:*:*:*:*", matchCriteriaId: "49F85C44-6B7E-4B7C-AC8D-9D5727DFA0B8", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:shield_tv_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "76300BC2-B496-4B4D-979B-6C56F590449A", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_m10:-:*:*:*:*:*:*:*", matchCriteriaId: "343850DA-E975-467A-99A2-852E24135DD2", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_m4:-:*:*:*:*:*:*:*", matchCriteriaId: "B8C459A6-EE1D-482F-BC23-866836870512", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_m40:-:*:*:*:*:*:*:*", matchCriteriaId: "A6DDBF7C-C346-4515-AD0D-922E7E2F09E8", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_m6:-:*:*:*:*:*:*:*", matchCriteriaId: "2E92C2C2-1CF7-4531-B431-D67BF6049635", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_m60:-:*:*:*:*:*:*:*", matchCriteriaId: "44B63168-6671-4D31-A984-B0A0F71CB799", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_p100:-:*:*:*:*:*:*:*", matchCriteriaId: "6299665D-182A-4F2C-B451-1103B943CAE2", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_p4:-:*:*:*:*:*:*:*", matchCriteriaId: "EDCAD45A-986C-42AE-80F6-728E9427187C", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_p40:-:*:*:*:*:*:*:*", matchCriteriaId: "B4D9D634-1F0C-49A7-B680-24423CA6468E", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_p6:-:*:*:*:*:*:*:*", matchCriteriaId: "656DD5D8-A9DC-4A18-A444-C1D73580C6E9", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_v100:-:*:*:*:*:*:*:*", matchCriteriaId: "B2CC382C-4F8D-471B-B525-DE28D60E14EF", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_v100s:-:*:*:*:*:*:*:*", matchCriteriaId: "E5E8719D-831E-4703-9989-A33782F4FFBE", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:titan_v:-:*:*:*:*:*:*:*", matchCriteriaId: "8751F9FE-920A-4438-B0E3-F6F493B1B72C", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*", matchCriteriaId: "2FABA79A-A70A-40A5-ADA7-893EAB42FE9E", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:titan_xp:-:*:*:*:*:*:*:*", matchCriteriaId: "0C9A97E1-2F0F-495D-97E8-0538AAC066EE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", matchCriteriaId: "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", vulnerable: false, }, { criteria: "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", matchCriteriaId: "A2572D17-1DE6-457B-99CC-64AFD54487EA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to corrupt program data.", }, { lang: "es", value: "La GPU NVIDIA y el hardware Tegra contienen una vulnerabilidad en el microcontrolador interno que puede permitir a un usuario con altos privilegios corromper los datos del programa", }, ], id: "CVE-2021-1125", lastModified: "2024-11-21T05:43:38.677", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.9, confidentialityImpact: "NONE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:N/I:C/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.1, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 0.5, impactScore: 3.6, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-11-20T15:15:07.790", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5263", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5263", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-06-22 22:15
Modified
2024-11-21 06:10
Severity ?
4.2 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Trusty contains a vulnerability in the NVIDIA OTE protocol that is present in all TAs. An incorrect message stream deserialization allows an attacker to use the malicious CA that is run by the user to cause the buffer overflow, which may lead to information disclosure and data modification.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_linux | * | |
| nvidia | jetson_agx_xavier_16gb | - | |
| nvidia | jetson_agx_xavier_32gb | - | |
| nvidia | jetson_agx_xavier_8gb | - | |
| nvidia | jetson_tx2 | - | |
| nvidia | jetson_tx2_4gb | - | |
| nvidia | jetson_tx2_nx | - | |
| nvidia | jetson_tx2i | - | |
| nvidia | jetson_xavier_nx | - | |
| nvidia | jetson_xavier_nx | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*", matchCriteriaId: "E8941F71-0292-414E-AEA5-DD55EA3C2009", versionEndExcluding: "32.5.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*", matchCriteriaId: "E0E081CB-B6EC-42DC-BA04-BCA13C17D190", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*", matchCriteriaId: "4F92D471-8E65-41FC-A5DE-255136F6F989", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*", matchCriteriaId: "E29459F7-997A-4B87-9164-6E3B5158ADC3", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*", matchCriteriaId: "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*", matchCriteriaId: "71994F94-5279-4107-99F5-48990AE0C686", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "64C3FB58-08AA-4FE4-97BE-21B254BA229F", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*", matchCriteriaId: "5DF55ABB-1B4F-452E-9D84-C01A638F88A0", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:developer_kit:*:*:*:*:*", matchCriteriaId: "3E54B955-F0E2-44BD-9B8C-3C788BBCF2A9", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:production:*:*:*:*:*", matchCriteriaId: "3E0C93C3-26F6-48E4-BADA-4DB05A7BA9D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Trusty contains a vulnerability in the NVIDIA OTE protocol that is present in all TAs. An incorrect message stream deserialization allows an attacker to use the malicious CA that is run by the user to cause the buffer overflow, which may lead to information disclosure and data modification.", }, { lang: "es", value: "Trusty contiene una vulnerabilidad en el protocolo NVIDIA OTE que está presente en todos los AT. Una deserialización incorrecta del flujo de mensajes permite a un atacante utilizar la AC maliciosa que ejecuta el usuario para provocar el desbordamiento del búfer, lo que puede llevar a la divulgación de información y a la modificación de datos", }, ], id: "CVE-2021-34394", lastModified: "2024-11-21T06:10:18.440", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.2, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 0.6, impactScore: 3.6, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-06-22T22:15:09.277", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-502", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-11-20 15:15
Modified
2024-11-21 06:10
Severity ?
4.1 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to gain access to information from unscrubbed memory, which may lead to information disclosure.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:dgx-1_p100:-:*:*:*:*:*:*:*", matchCriteriaId: "47EAF1F2-41D7-4F6F-A6F4-CDC36F544204", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:dgx-1_v100:-:*:*:*:*:*:*:*", matchCriteriaId: "CBFD6294-13E6-4615-8BB0-7863CC5E62B4", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:dgx-2:-:*:*:*:*:*:*:*", matchCriteriaId: "2578180E-CD9E-4D45-B092-CEFDC3653878", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:dgx_station_a100:-:*:*:*:*:*:*:*", matchCriteriaId: "96A05233-855C-4099-BF73-0D04F8F58A44", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:drive_constellation:-:*:*:*:*:*:*:*", matchCriteriaId: "36517415-0642-4DF2-9CAF-CC73DFD301D3", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_605:-:*:*:*:*:*:*:*", matchCriteriaId: "6A6FE1DB-4930-46B5-868D-4445EF312A33", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_610:-:*:*:*:*:*:*:*", matchCriteriaId: "B600A94B-877D-42BA-B4F7-360198F3ECF6", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_620:-:*:*:*:*:*:*:*", matchCriteriaId: "36438CBB-37FB-455B-AE50-D68726E092BD", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_625:-:*:*:*:*:*:*:*", matchCriteriaId: "EC98A0F7-89B0-4BE0-A6EE-58EA39781E53", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_630:-:*:*:*:*:*:*:*", matchCriteriaId: "0B8C2CAC-B37E-47AD-AF02-C6BF5952DF87", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_635:-:*:*:*:*:*:*:*", matchCriteriaId: "635D27CF-65F3-4166-867E-7FD25EEE5303", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_640:-:*:*:*:*:*:*:*", matchCriteriaId: "95DB79D1-C580-4A62-B177-7E47737147F9", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_705:-:*:*:*:*:*:*:*", matchCriteriaId: "0225FE8D-16A7-4400-94F2-CE857D2255C7", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*", matchCriteriaId: "1B72BBAC-CEBD-4405-B1EC-7535794FF5EB", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_720:-:*:*:*:*:*:*:*", matchCriteriaId: "BCC9048C-F848-48AD-BD5D-59D36E684949", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*", matchCriteriaId: "A2C9365F-B4A5-4EA2-917B-2F07457017EB", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_740:-:*:*:*:*:*:*:*", matchCriteriaId: "21FE9995-2F38-4257-9FE1-2495D05D1993", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*", matchCriteriaId: "D835EE77-6031-40D6-8305-F962F42E7018", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1050_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "49C8D547-A817-4A62-9045-789843998A18", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*", matchCriteriaId: "F0ED6F8E-1F82-4C50-9EEF-A5F58DB440AD", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*", matchCriteriaId: "E884CEDD-CAA5-489D-A526-B628BB3DE460", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1070_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "73F427BC-F15D-443D-B7F8-B0BB0C52C427", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*", matchCriteriaId: "9E3455DE-4408-4603-86B2-5ECE76ED459C", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1080_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "57CA2FAC-9170-4E68-B6A6-E2CD9CCF0600", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1650:-:*:*:*:*:*:*:*", matchCriteriaId: "2E8B18CF-58CF-48C8-A4AE-F6922E215E5C", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1650_super:-:*:*:*:*:*:*:*", matchCriteriaId: "FD84C049-7F87-4C92-9FCB-7BD7382E25E9", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1660:-:*:*:*:*:*:*:*", matchCriteriaId: "573887F7-E422-48AA-8205-56166D81536C", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1660_super:-:*:*:*:*:*:*:*", matchCriteriaId: "DA37A3BB-35DF-4863-9A95-29B631587DB0", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1660_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "D3913E75-6B38-498F-9C6A-A4A8B752D5BC", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_645:-:*:*:*:*:*:*:*", matchCriteriaId: "C519FF2F-0AE9-4290-8115-F60EB9B830C3", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_650:-:*:*:*:*:*:*:*", matchCriteriaId: "0D0E7C6F-C42F-40E1-9DF1-2ED17938DCC1", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_650_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "3A978D1E-BD96-4534-83FE-434F0157AB54", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_650_ti_boost:-:*:*:*:*:*:*:*", matchCriteriaId: "0FCD9648-DA33-4F4F-9AC7-7FB826205729", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_660:-:*:*:*:*:*:*:*", matchCriteriaId: "89B38FD5-B548-4BF7-8E35-37701320569C", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_660_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "7AD0960F-EBEF-4876-8DC6-7B42B799105F", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_670:-:*:*:*:*:*:*:*", matchCriteriaId: "4A4F5E65-0E6F-47FD-8E5B-D00D5F82D467", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_680:-:*:*:*:*:*:*:*", matchCriteriaId: "07F9F2F5-AE1B-4BE5-8D6B-D16967A208F2", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_690:-:*:*:*:*:*:*:*", matchCriteriaId: "8416729C-0339-4B1C-99AC-C132D45744C7", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_745:-:*:*:*:*:*:*:*", matchCriteriaId: "8E733A3A-347E-4147-89AE-9EEC9B4DB787", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_750:-:*:*:*:*:*:*:*", matchCriteriaId: "EDC42D37-5DDE-4545-A4B9-7701749C0982", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_750_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "7F2F1B32-CFEE-4417-843D-880302E4D6FF", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_760:-:*:*:*:*:*:*:*", matchCriteriaId: "B5176FD7-C3F6-4642-831C-1FE33D3E3B35", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_760_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "F61534DC-EA6D-42E8-9AE5-AE6420906318", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_770:-:*:*:*:*:*:*:*", matchCriteriaId: "530C2C04-A37D-442C-BB0E-BEA01864D73C", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_780:-:*:*:*:*:*:*:*", matchCriteriaId: "22A5378C-2395-4D23-BD06-0995C5637857", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_780_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "D651C50E-63D1-4FC6-8EEA-095E17A1342A", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_950:-:*:*:*:*:*:*:*", matchCriteriaId: "52379F40-A0B8-404F-8187-26D085F3568A", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_960:-:*:*:*:*:*:*:*", matchCriteriaId: "29D0D308-1A59-4D8C-930C-2B480E718FB2", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_970:-:*:*:*:*:*:*:*", matchCriteriaId: "B957ED4F-2A0E-4E6E-AF06-CC09722A4008", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_980:-:*:*:*:*:*:*:*", matchCriteriaId: "280BE7CC-3E8C-4630-BDA3-CFC409C2E5A2", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_titan_x:-:*:*:*:*:*:*:*", matchCriteriaId: "5A7ED258-77DC-45FA-B6AE-B9310049ECDE", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_rtx_2060:-:*:*:*:*:*:*:*", matchCriteriaId: "B5743279-2E97-4D92-A43B-732B9AE0979C", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_rtx_2060_super:-:*:*:*:*:*:*:*", matchCriteriaId: "A54F1D17-30C3-4912-858B-B656AE636C58", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_rtx_2070:-:*:*:*:*:*:*:*", matchCriteriaId: "9472E1FC-B22D-437B-A62E-9476A903F2BC", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_rtx_2070_super:-:*:*:*:*:*:*:*", matchCriteriaId: "483E83C0-FD09-4473-8036-A2E1C362A2E0", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_rtx_2080:-:*:*:*:*:*:*:*", matchCriteriaId: "88DEB01F-0C63-4EA1-878A-2DC9701DAA41", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_rtx_2080_super:-:*:*:*:*:*:*:*", matchCriteriaId: "633AB383-A5D6-4F0F-A973-FE777117A856", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_rtx_2080_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "0BF0DE98-5862-4738-A8D5-06C9599B5317", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:gtx_titan:-:*:*:*:*:*:*:*", matchCriteriaId: "114895F2-AE45-4A46-BCFF-FD7C2573D88B", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:gtx_titan_black:-:*:*:*:*:*:*:*", matchCriteriaId: "E4A83155-9EA1-4F67-803F-3F8F692C6729", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:gtx_titan_z:-:*:*:*:*:*:*:*", matchCriteriaId: "FED1874A-9E4B-4725-A130-6CA872D491CA", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*", matchCriteriaId: "E0E081CB-B6EC-42DC-BA04-BCA13C17D190", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*", matchCriteriaId: "4F92D471-8E65-41FC-A5DE-255136F6F989", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*", matchCriteriaId: "E29459F7-997A-4B87-9164-6E3B5158ADC3", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_nano:-:*:*:*:*:*:*:*", matchCriteriaId: "2B2B041F-21A8-4F0B-BBAF-7CDD8B911547", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_nano:-:*:-:*:*:*:*:*", matchCriteriaId: "9244F123-8518-4D81-AD26-5695F27F413B", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_nano:-:*:developer_kit:*:*:*:*:*", matchCriteriaId: "80BF53A0-8FDF-4827-9C00-ED082C4A68C7", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*", matchCriteriaId: "86D1FDAD-C594-43D9-9BF6-F7461177AB91", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*", matchCriteriaId: "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*", matchCriteriaId: "71994F94-5279-4107-99F5-48990AE0C686", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "64C3FB58-08AA-4FE4-97BE-21B254BA229F", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*", matchCriteriaId: "5DF55ABB-1B4F-452E-9D84-C01A638F88A0", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "B0AA5976-FD71-4A53-BD4F-D342E871FEB0", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:developer_kit:*:*:*:*:*", matchCriteriaId: "3E54B955-F0E2-44BD-9B8C-3C788BBCF2A9", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:production:*:*:*:*:*", matchCriteriaId: "3E0C93C3-26F6-48E4-BADA-4DB05A7BA9D1", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:nvidia_hgx-2:-:*:*:*:*:*:*:*", matchCriteriaId: "9D697CF9-CBAE-4E29-AA3C-50FEDEB4F20E", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:nvidia_t1000:-:*:*:*:*:*:*:*", matchCriteriaId: "284CDDF2-12D5-4A35-9A1F-496E9112F798", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:nvidia_t2000:-:*:*:*:*:*:*:*", matchCriteriaId: "98CD730F-BBB7-4EE0-93B5-88555B9494B7", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:nvidia_t4:-:*:*:*:*:*:*:*", matchCriteriaId: "1292795D-A6ED-40D6-BE2D-D396909C5D59", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:nvidia_t400:-:*:*:*:*:*:*:*", matchCriteriaId: "80AA0372-BA25-4C5E-B464-13AB660D1D98", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:nvidia_t600:-:*:*:*:*:*:*:*", matchCriteriaId: "F6A7C069-DE2C-4390-8B2C-8A3175D692F7", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_gv100:-:*:*:*:*:*:*:*", matchCriteriaId: "A30CCD00-60D7-42B5-B88C-AF2BD81B796F", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*", matchCriteriaId: "3896B47E-8787-45D2-96B3-BF4892780F35", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m1200:-:*:*:*:*:*:*:*", matchCriteriaId: "A1E9293F-C51A-40B0-9461-83A31366C8C5", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*", matchCriteriaId: "316C9573-7C7D-4429-8563-B74FD752AC51", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*", matchCriteriaId: "6FEC13EF-BB2F-4ED2-BC8B-8234ABAEEE02", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2200:-:*:*:*:*:*:*:*", matchCriteriaId: "E607C924-1682-4348-B6BF-31912E3A3D13", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*", matchCriteriaId: "B5E13B65-F61B-44D4-B1D7-1E96D9CB45BD", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*", matchCriteriaId: "76ABA317-6621-4D57-874F-307451EC9C2E", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*", matchCriteriaId: "477D72B5-A3EA-440A-B495-8A09E8564E8D", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*", matchCriteriaId: "F2B507EE-F005-4806-A8FC-8C8D9A31B0DB", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*", matchCriteriaId: "DAD67DC6-AA36-4F93-B8DB-77EB8C153BCA", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*", matchCriteriaId: "E707A80B-6482-47DD-8BF3-6E58BC2C697A", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m520:-:*:*:*:*:*:*:*", matchCriteriaId: "2F5E94B4-0DF1-4F79-87A0-C90A6131091B", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*", matchCriteriaId: "0E8D2AC7-DC75-4BBA-BF4E-58BF88B49B11", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*", matchCriteriaId: "ED233BC3-6982-41E1-9205-5159C17A4A56", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*", matchCriteriaId: "7C186F38-89C7-4616-A424-201804F842C9", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m620:-:*:*:*:*:*:*:*", matchCriteriaId: "DB2D3A4D-0C03-402F-BB8A-2DE5AE14FDA5", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p1000:-:*:*:*:*:*:*:*", matchCriteriaId: "DFB1F23E-99C5-4FBC-9E9C-8AD8A05AE8C8", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p2000:-:*:*:*:*:*:*:*", matchCriteriaId: "05069DB9-7DD0-4FF1-8D98-8DC3A0B2AF77", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p2200:-:*:*:*:*:*:*:*", matchCriteriaId: "02BC9134-0188-4F79-BAB6-77409617D752", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p3000:-:*:*:*:*:*:*:*", matchCriteriaId: "BC64DC02-91A7-4E10-9023-6932A4A14D77", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p3200:-:*:*:*:*:*:*:*", matchCriteriaId: "C91BB45E-C2BF-4B48-892B-82EF5710AA7E", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p400:-:*:*:*:*:*:*:*", matchCriteriaId: "5E7CC54F-15FE-4ED8-AA5D-900AAFFAEEC6", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p4000:-:*:*:*:*:*:*:*", matchCriteriaId: "8FBB9DDD-963E-4B10-B0BC-99588C82969F", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p4200:-:*:*:*:*:*:*:*", matchCriteriaId: "CECB5A97-0088-4ACD-9A9C-964D4C3DE699", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p500:-:*:*:*:*:*:*:*", matchCriteriaId: "4E57FD81-AC93-49BE-B0E1-FB5699CE7A52", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*", matchCriteriaId: "DCDC421C-3B8F-4EAA-A2D4-14C14CD7F3DB", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p520:-:*:*:*:*:*:*:*", matchCriteriaId: "453E0F78-7B35-42B2-B5FA-43ACE9F7602A", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p5200:-:*:*:*:*:*:*:*", matchCriteriaId: "004D6C59-E6C9-4E0E-BBA8-8E3AD0F0BC1F", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p600:-:*:*:*:*:*:*:*", matchCriteriaId: "BC5FA1F3-5D7E-4085-B5D3-D86CF5A6E412", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*", matchCriteriaId: "60176B23-2751-4415-A0D3-DF1BE640F6C3", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p620:-:*:*:*:*:*:*:*", matchCriteriaId: "3F9219FD-849D-4A0A-97F0-85492B4B2189", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_rtx_3000:-:*:*:*:*:*:*:*", matchCriteriaId: "7F4AB1BC-2B82-4C12-96B0-B269462032B3", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_rtx_4000:-:*:*:*:*:*:*:*", matchCriteriaId: "323643CB-D03C-47D1-9FAF-0A5C0777DF61", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_rtx_5000:-:*:*:*:*:*:*:*", matchCriteriaId: "A5175F77-1E61-4296-AFDD-F00D1C0B5560", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_rtx_6000:-:*:*:*:*:*:*:*", matchCriteriaId: "F06F4994-5EDF-4652-B673-4F90907994DE", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_rtx_8000:-:*:*:*:*:*:*:*", matchCriteriaId: "66216B9A-F79D-4681-BBC4-6F5D80A3E5EE", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_t1000:-:*:*:*:*:*:*:*", matchCriteriaId: "33D439F5-86EC-47FC-826A-229C028EB149", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_t2000:-:*:*:*:*:*:*:*", matchCriteriaId: "CD476101-4981-46F9-9898-717701C0CAE0", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_t400:-:*:*:*:*:*:*:*", matchCriteriaId: "85351FD4-28CD-4392-B154-90E4DE270F7F", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_t600:-:*:*:*:*:*:*:*", matchCriteriaId: "109B8099-C1AD-4695-877A-13B4301FEBB7", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:shield_tv:-:*:*:*:*:*:*:*", matchCriteriaId: "49F85C44-6B7E-4B7C-AC8D-9D5727DFA0B8", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:shield_tv_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "76300BC2-B496-4B4D-979B-6C56F590449A", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_m10:-:*:*:*:*:*:*:*", matchCriteriaId: "343850DA-E975-467A-99A2-852E24135DD2", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_m4:-:*:*:*:*:*:*:*", matchCriteriaId: "B8C459A6-EE1D-482F-BC23-866836870512", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_m40:-:*:*:*:*:*:*:*", matchCriteriaId: "A6DDBF7C-C346-4515-AD0D-922E7E2F09E8", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_m6:-:*:*:*:*:*:*:*", matchCriteriaId: "2E92C2C2-1CF7-4531-B431-D67BF6049635", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_m60:-:*:*:*:*:*:*:*", matchCriteriaId: "44B63168-6671-4D31-A984-B0A0F71CB799", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_p100:-:*:*:*:*:*:*:*", matchCriteriaId: "6299665D-182A-4F2C-B451-1103B943CAE2", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_p4:-:*:*:*:*:*:*:*", matchCriteriaId: "EDCAD45A-986C-42AE-80F6-728E9427187C", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_p40:-:*:*:*:*:*:*:*", matchCriteriaId: "B4D9D634-1F0C-49A7-B680-24423CA6468E", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_p6:-:*:*:*:*:*:*:*", matchCriteriaId: "656DD5D8-A9DC-4A18-A444-C1D73580C6E9", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_v100:-:*:*:*:*:*:*:*", matchCriteriaId: "B2CC382C-4F8D-471B-B525-DE28D60E14EF", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_v100s:-:*:*:*:*:*:*:*", matchCriteriaId: "E5E8719D-831E-4703-9989-A33782F4FFBE", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:titan_rtx:-:*:*:*:*:*:*:*", matchCriteriaId: "C494A0AF-5DBF-47BE-8156-3CB876BAE779", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:titan_v:-:*:*:*:*:*:*:*", matchCriteriaId: "8751F9FE-920A-4438-B0E3-F6F493B1B72C", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*", matchCriteriaId: "2FABA79A-A70A-40A5-ADA7-893EAB42FE9E", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:titan_xp:-:*:*:*:*:*:*:*", matchCriteriaId: "0C9A97E1-2F0F-495D-97E8-0538AAC066EE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", matchCriteriaId: "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", vulnerable: false, }, { criteria: "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", matchCriteriaId: "A2572D17-1DE6-457B-99CC-64AFD54487EA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to gain access to information from unscrubbed memory, which may lead to information disclosure.", }, { lang: "es", value: "La GPU NVIDIA y el hardware Tegra contienen una vulnerabilidad en el microcontrolador interno que puede permitir a un usuario con altos privilegios acceder a información de la memoria no depurada, que puede conllevar a una divulgación de información", }, ], id: "CVE-2021-34400", lastModified: "2024-11-21T06:10:19.293", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.1, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 0.5, impactScore: 3.6, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-11-20T15:15:08.033", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5263", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5263", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-06-30 11:15
Modified
2024-11-21 06:10
Severity ?
6.4 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Bootloader contains a vulnerability in NVIDIA MB2 where a potential heap overflow might lead to denial of service or escalation of privileges.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_linux | * | |
| nvidia | jetson_agx_xavier_16gb | - | |
| nvidia | jetson_agx_xavier_32gb | - | |
| nvidia | jetson_agx_xavier_8gb | - | |
| nvidia | jetson_tx2 | - | |
| nvidia | jetson_tx2_4gb | - | |
| nvidia | jetson_tx2_nx | - | |
| nvidia | jetson_tx2i | - | |
| nvidia | jetson_xavier_nx | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*", matchCriteriaId: "E8941F71-0292-414E-AEA5-DD55EA3C2009", versionEndExcluding: "32.5.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*", matchCriteriaId: "E0E081CB-B6EC-42DC-BA04-BCA13C17D190", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*", matchCriteriaId: "4F92D471-8E65-41FC-A5DE-255136F6F989", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*", matchCriteriaId: "E29459F7-997A-4B87-9164-6E3B5158ADC3", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*", matchCriteriaId: "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*", matchCriteriaId: "71994F94-5279-4107-99F5-48990AE0C686", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "64C3FB58-08AA-4FE4-97BE-21B254BA229F", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*", matchCriteriaId: "5DF55ABB-1B4F-452E-9D84-C01A638F88A0", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "B0AA5976-FD71-4A53-BD4F-D342E871FEB0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Bootloader contains a vulnerability in NVIDIA MB2 where a potential heap overflow might lead to denial of service or escalation of privileges.", }, { lang: "es", value: "El cargador de arranque contiene una vulnerabilidad en NVIDIA MB2 donde un potencial desbordamiento de pila podría conllevar a una denegación de servicio o una escalada de privilegios", }, ], id: "CVE-2021-34383", lastModified: "2024-11-21T06:10:16.950", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.5, impactScore: 5.9, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-06-30T11:15:08.800", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-06-30 11:15
Modified
2024-11-21 06:10
Severity ?
7.7 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 10 is missing. The length of an I/O buffer parameter is not checked, which might lead to memory corruption.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_linux | * | |
| nvidia | jetson_agx_xavier_16gb | - | |
| nvidia | jetson_agx_xavier_32gb | - | |
| nvidia | jetson_agx_xavier_8gb | - | |
| nvidia | jetson_tx2 | - | |
| nvidia | jetson_tx2_4gb | - | |
| nvidia | jetson_tx2_nx | - | |
| nvidia | jetson_tx2i | - | |
| nvidia | jetson_xavier_nx | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*", matchCriteriaId: "E8941F71-0292-414E-AEA5-DD55EA3C2009", versionEndExcluding: "32.5.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*", matchCriteriaId: "E0E081CB-B6EC-42DC-BA04-BCA13C17D190", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*", matchCriteriaId: "4F92D471-8E65-41FC-A5DE-255136F6F989", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*", matchCriteriaId: "E29459F7-997A-4B87-9164-6E3B5158ADC3", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*", matchCriteriaId: "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*", matchCriteriaId: "71994F94-5279-4107-99F5-48990AE0C686", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "64C3FB58-08AA-4FE4-97BE-21B254BA229F", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*", matchCriteriaId: "5DF55ABB-1B4F-452E-9D84-C01A638F88A0", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "B0AA5976-FD71-4A53-BD4F-D342E871FEB0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 10 is missing. The length of an I/O buffer parameter is not checked, which might lead to memory corruption.", }, { lang: "es", value: "Trusty contiene una vulnerabilidad en el servicio HDCP TA donde falta la comprobación de límites en el comando 10. La longitud de un parámetro del búfer I/O no es comprobada, lo que podría conllevar a una corrupción de memoria", }, ], id: "CVE-2021-34379", lastModified: "2024-11-21T06:10:16.430", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.1, impactScore: 6, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-06-30T11:15:08.560", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-06-22 22:15
Modified
2024-11-21 06:10
Severity ?
4.2 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
Trusty contains a vulnerability in TSEC TA which deserializes the incoming messages even though the TSEC TA does not expose any command. This vulnerability might allow an attacker to exploit the deserializer to impact code execution, causing information disclosure.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_linux | * | |
| nvidia | jetson_agx_xavier_16gb | - | |
| nvidia | jetson_agx_xavier_32gb | - | |
| nvidia | jetson_agx_xavier_8gb | - | |
| nvidia | jetson_tx1 | - | |
| nvidia | jetson_tx2 | - | |
| nvidia | jetson_tx2_4gb | - | |
| nvidia | jetson_tx2_nx | - | |
| nvidia | jetson_tx2i | - | |
| nvidia | jetson_xavier_nx | - | |
| nvidia | jetson_xavier_nx | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*", matchCriteriaId: "E8941F71-0292-414E-AEA5-DD55EA3C2009", versionEndExcluding: "32.5.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*", matchCriteriaId: "E0E081CB-B6EC-42DC-BA04-BCA13C17D190", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*", matchCriteriaId: "4F92D471-8E65-41FC-A5DE-255136F6F989", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*", matchCriteriaId: "E29459F7-997A-4B87-9164-6E3B5158ADC3", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*", matchCriteriaId: "86D1FDAD-C594-43D9-9BF6-F7461177AB91", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*", matchCriteriaId: "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*", matchCriteriaId: "71994F94-5279-4107-99F5-48990AE0C686", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "64C3FB58-08AA-4FE4-97BE-21B254BA229F", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*", matchCriteriaId: "5DF55ABB-1B4F-452E-9D84-C01A638F88A0", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:developer_kit:*:*:*:*:*", matchCriteriaId: "3E54B955-F0E2-44BD-9B8C-3C788BBCF2A9", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:production:*:*:*:*:*", matchCriteriaId: "3E0C93C3-26F6-48E4-BADA-4DB05A7BA9D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Trusty contains a vulnerability in TSEC TA which deserializes the incoming messages even though the TSEC TA does not expose any command. This vulnerability might allow an attacker to exploit the deserializer to impact code execution, causing information disclosure.", }, { lang: "es", value: "Trusty contiene una vulnerabilidad en TSEC TA que deserializa los mensajes entrantes incluso aunque el TSEC TA no exponga ningún comando. Esta vulnerabilidad podría permitir a un atacante explotar el deserializador para impactar en la ejecución de código, causando divulgación de información", }, ], id: "CVE-2021-34393", lastModified: "2024-11-21T06:10:18.307", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.2, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 0.6, impactScore: 3.6, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-06-22T22:15:09.210", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-502", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-12-30 23:15
Modified
2024-11-21 07:24
Severity ?
7.9 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N
7.9 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N
7.9 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N
Summary
NVIDIA Trusted OS contains a vulnerability in an SMC call handler, where failure to validate untrusted input may allow a highly privileged local attacker to cause information disclosure and compromise integrity. The scope of the impact can extend to other components.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*", matchCriteriaId: "5C65BE02-61B8-4A4D-84A8-52BCA6895C34", versionEndExcluding: "32.7.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier:-:*:*:*:*:*:*:*", matchCriteriaId: "5DD3D2AA-2A9F-470D-BB0F-A7B7C2EC2490", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*", matchCriteriaId: "E0E081CB-B6EC-42DC-BA04-BCA13C17D190", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*", matchCriteriaId: "4F92D471-8E65-41FC-A5DE-255136F6F989", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_64gb:-:*:*:*:*:*:*:*", matchCriteriaId: "B51F666B-F3ED-4CF3-B48E-B39BDE1C2579", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*", matchCriteriaId: "E29459F7-997A-4B87-9164-6E3B5158ADC3", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_industrial:-:*:*:*:*:*:*:*", matchCriteriaId: "3C7C6B22-EBD3-4465-9852-4A4844AA714A", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*", matchCriteriaId: "86D1FDAD-C594-43D9-9BF6-F7461177AB91", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*", matchCriteriaId: "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*", matchCriteriaId: "71994F94-5279-4107-99F5-48990AE0C686", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "64C3FB58-08AA-4FE4-97BE-21B254BA229F", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*", matchCriteriaId: "5DF55ABB-1B4F-452E-9D84-C01A638F88A0", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "B0AA5976-FD71-4A53-BD4F-D342E871FEB0", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx_16gb:-:*:*:*:*:*:*:*", matchCriteriaId: "A36028A3-EE83-4158-9039-5C6C795FA048", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "NVIDIA Trusted OS contains a vulnerability in an SMC call handler, where failure to validate untrusted input may allow a highly privileged local attacker to cause information disclosure and compromise integrity. The scope of the impact can extend to other components.", }, { lang: "es", value: "NVIDIA Trusted OS contiene una vulnerabilidad en un controlador de llamadas SMC, donde no validar entradas que no son de confianza puede permitir que un atacante local con privilegios elevados provoque la divulgación de información y comprometa la integridad. El alcance del impacto puede extenderse a otros componentes.", }, ], id: "CVE-2022-42269", lastModified: "2024-11-21T07:24:37.670", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 7.9, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 1.5, impactScore: 5.8, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 7.9, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 1.5, impactScore: 5.8, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-12-30T23:15:11.750", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5417", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5417", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "psirt@nvidia.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-06-30 11:15
Modified
2024-11-21 06:10
Severity ?
7.7 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 5 is missing. Improper restriction of operations within the bounds of a memory buffer might lead to denial of service, escalation of privileges, and information disclosure.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_linux | * | |
| nvidia | jetson_agx_xavier_16gb | - | |
| nvidia | jetson_agx_xavier_32gb | - | |
| nvidia | jetson_agx_xavier_8gb | - | |
| nvidia | jetson_tx2 | - | |
| nvidia | jetson_tx2_4gb | - | |
| nvidia | jetson_tx2_nx | - | |
| nvidia | jetson_tx2i | - | |
| nvidia | jetson_xavier_nx | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*", matchCriteriaId: "E8941F71-0292-414E-AEA5-DD55EA3C2009", versionEndExcluding: "32.5.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*", matchCriteriaId: "E0E081CB-B6EC-42DC-BA04-BCA13C17D190", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*", matchCriteriaId: "4F92D471-8E65-41FC-A5DE-255136F6F989", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*", matchCriteriaId: "E29459F7-997A-4B87-9164-6E3B5158ADC3", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*", matchCriteriaId: "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*", matchCriteriaId: "71994F94-5279-4107-99F5-48990AE0C686", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "64C3FB58-08AA-4FE4-97BE-21B254BA229F", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*", matchCriteriaId: "5DF55ABB-1B4F-452E-9D84-C01A638F88A0", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "B0AA5976-FD71-4A53-BD4F-D342E871FEB0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 5 is missing. Improper restriction of operations within the bounds of a memory buffer might lead to denial of service, escalation of privileges, and information disclosure.", }, { lang: "es", value: "Trusty contiene una vulnerabilidad en el servicio HDCP TA donde falta la comprobación de límites en el comando 5. La restricción inapropiada de las operaciones dentro de los límites de un búfer de memoria podría conllevar a una denegación de servicio, una escalada de privilegios y la divulgación de información", }, ], id: "CVE-2021-34376", lastModified: "2024-11-21T06:10:16.007", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.1, impactScore: 6, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-06-30T11:15:08.390", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-08-08 17:15
Modified
2024-09-16 19:27
Severity ?
8.7 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L
8.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Summary
NVIDIA Jetson Linux contains a vulnerability in NvGPU where error handling paths in GPU MMU mapping code fail to clean up a failed mapping attempt. A successful exploit of this vulnerability may lead to denial of service, code execution, and escalation of privileges.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@nvidia.com | https://nvidia.custhelp.com/app/answers/detail/a_id/5555 | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*", matchCriteriaId: "C62FF93F-21E6-41E4-A82C-07AC7DC7951E", versionEndExcluding: "32.7.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier:-:*:*:*:*:*:*:*", matchCriteriaId: "5DD3D2AA-2A9F-470D-BB0F-A7B7C2EC2490", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*", matchCriteriaId: "E0E081CB-B6EC-42DC-BA04-BCA13C17D190", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*", matchCriteriaId: "4F92D471-8E65-41FC-A5DE-255136F6F989", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_64gb:-:*:*:*:*:*:*:*", matchCriteriaId: "B51F666B-F3ED-4CF3-B48E-B39BDE1C2579", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*", matchCriteriaId: "E29459F7-997A-4B87-9164-6E3B5158ADC3", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_industrial:-:*:*:*:*:*:*:*", matchCriteriaId: "3C7C6B22-EBD3-4465-9852-4A4844AA714A", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_nano:-:*:*:*:*:*:*:*", matchCriteriaId: "2B2B041F-21A8-4F0B-BBAF-7CDD8B911547", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_nano:-:*:-:*:*:*:*:*", matchCriteriaId: "9244F123-8518-4D81-AD26-5695F27F413B", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_nano:-:*:developer_kit:*:*:*:*:*", matchCriteriaId: "80BF53A0-8FDF-4827-9C00-ED082C4A68C7", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_nano_2gb:-:*:*:*:*:*:*:*", matchCriteriaId: "52E153CA-BE89-4C66-8B72-8901BF592423", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*", matchCriteriaId: "86D1FDAD-C594-43D9-9BF6-F7461177AB91", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx1_l4t:-:*:*:*:*:*:*:*", matchCriteriaId: "F08A43AD-CA33-4EA7-9456-C7BDE622FD05", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*", matchCriteriaId: "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*", matchCriteriaId: "71994F94-5279-4107-99F5-48990AE0C686", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "64C3FB58-08AA-4FE4-97BE-21B254BA229F", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*", matchCriteriaId: "5DF55ABB-1B4F-452E-9D84-C01A638F88A0", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "B0AA5976-FD71-4A53-BD4F-D342E871FEB0", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:developer_kit:*:*:*:*:*", matchCriteriaId: "3E54B955-F0E2-44BD-9B8C-3C788BBCF2A9", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:production:*:*:*:*:*", matchCriteriaId: "3E0C93C3-26F6-48E4-BADA-4DB05A7BA9D1", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx_16gb:-:*:*:*:*:*:*:*", matchCriteriaId: "A36028A3-EE83-4158-9039-5C6C795FA048", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "NVIDIA Jetson Linux contains a vulnerability in NvGPU where error handling paths in GPU MMU mapping code fail to clean up a failed mapping attempt. A successful exploit of this vulnerability may lead to denial of service, code execution, and escalation of privileges.", }, { lang: "es", value: "NVIDIA Jetson Linux contiene una vulnerabilidad en NvGPU donde las rutas de manejo de errores en el código de mapeo de GPU MMU no logran limpiar un intento fallido de mapeo. Una explotación exitosa de esta vulnerabilidad puede provocar denegación de servicio, ejecución de código y escalada de privilegios.", }, ], id: "CVE-2024-0108", lastModified: "2024-09-16T19:27:19.833", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 8.7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L", version: "3.1", }, exploitabilityScore: 2, impactScore: 6, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-08-08T17:15:18.473", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5555", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-755", }, ], source: "psirt@nvidia.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-755", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-11-20 15:15
Modified
2024-11-21 05:51
Severity ?
4.1 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
4.1 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
4.1 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller, which may allow a user with elevated privileges to access protected information by identifying, exploiting, and loading vulnerable microcode. Such an attack may lead to information disclosure.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:dgx-1_p100:-:*:*:*:*:*:*:*", matchCriteriaId: "47EAF1F2-41D7-4F6F-A6F4-CDC36F544204", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:dgx-1_v100:-:*:*:*:*:*:*:*", matchCriteriaId: "CBFD6294-13E6-4615-8BB0-7863CC5E62B4", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:dgx-2:-:*:*:*:*:*:*:*", matchCriteriaId: "2578180E-CD9E-4D45-B092-CEFDC3653878", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:dgx_station_a100:-:*:*:*:*:*:*:*", matchCriteriaId: "96A05233-855C-4099-BF73-0D04F8F58A44", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:drive_constellation:-:*:*:*:*:*:*:*", matchCriteriaId: "36517415-0642-4DF2-9CAF-CC73DFD301D3", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_605:-:*:*:*:*:*:*:*", matchCriteriaId: "6A6FE1DB-4930-46B5-868D-4445EF312A33", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_610:-:*:*:*:*:*:*:*", matchCriteriaId: "B600A94B-877D-42BA-B4F7-360198F3ECF6", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_620:-:*:*:*:*:*:*:*", matchCriteriaId: "36438CBB-37FB-455B-AE50-D68726E092BD", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_625:-:*:*:*:*:*:*:*", matchCriteriaId: "EC98A0F7-89B0-4BE0-A6EE-58EA39781E53", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_630:-:*:*:*:*:*:*:*", matchCriteriaId: "0B8C2CAC-B37E-47AD-AF02-C6BF5952DF87", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_635:-:*:*:*:*:*:*:*", matchCriteriaId: "635D27CF-65F3-4166-867E-7FD25EEE5303", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_640:-:*:*:*:*:*:*:*", matchCriteriaId: "95DB79D1-C580-4A62-B177-7E47737147F9", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_705:-:*:*:*:*:*:*:*", matchCriteriaId: "0225FE8D-16A7-4400-94F2-CE857D2255C7", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*", matchCriteriaId: "1B72BBAC-CEBD-4405-B1EC-7535794FF5EB", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_720:-:*:*:*:*:*:*:*", matchCriteriaId: "BCC9048C-F848-48AD-BD5D-59D36E684949", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*", matchCriteriaId: "A2C9365F-B4A5-4EA2-917B-2F07457017EB", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_740:-:*:*:*:*:*:*:*", matchCriteriaId: "21FE9995-2F38-4257-9FE1-2495D05D1993", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*", matchCriteriaId: "D835EE77-6031-40D6-8305-F962F42E7018", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1050_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "49C8D547-A817-4A62-9045-789843998A18", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*", matchCriteriaId: "F0ED6F8E-1F82-4C50-9EEF-A5F58DB440AD", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*", matchCriteriaId: "E884CEDD-CAA5-489D-A526-B628BB3DE460", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1070_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "73F427BC-F15D-443D-B7F8-B0BB0C52C427", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*", matchCriteriaId: "9E3455DE-4408-4603-86B2-5ECE76ED459C", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1080_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "57CA2FAC-9170-4E68-B6A6-E2CD9CCF0600", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1650:-:*:*:*:*:*:*:*", matchCriteriaId: "2E8B18CF-58CF-48C8-A4AE-F6922E215E5C", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1650_super:-:*:*:*:*:*:*:*", matchCriteriaId: "FD84C049-7F87-4C92-9FCB-7BD7382E25E9", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1660:-:*:*:*:*:*:*:*", matchCriteriaId: "573887F7-E422-48AA-8205-56166D81536C", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1660_super:-:*:*:*:*:*:*:*", matchCriteriaId: "DA37A3BB-35DF-4863-9A95-29B631587DB0", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1660_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "D3913E75-6B38-498F-9C6A-A4A8B752D5BC", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_645:-:*:*:*:*:*:*:*", matchCriteriaId: "C519FF2F-0AE9-4290-8115-F60EB9B830C3", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_650:-:*:*:*:*:*:*:*", matchCriteriaId: "0D0E7C6F-C42F-40E1-9DF1-2ED17938DCC1", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_650_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "3A978D1E-BD96-4534-83FE-434F0157AB54", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_650_ti_boost:-:*:*:*:*:*:*:*", matchCriteriaId: "0FCD9648-DA33-4F4F-9AC7-7FB826205729", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_660:-:*:*:*:*:*:*:*", matchCriteriaId: "89B38FD5-B548-4BF7-8E35-37701320569C", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_660_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "7AD0960F-EBEF-4876-8DC6-7B42B799105F", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_670:-:*:*:*:*:*:*:*", matchCriteriaId: "4A4F5E65-0E6F-47FD-8E5B-D00D5F82D467", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_680:-:*:*:*:*:*:*:*", matchCriteriaId: "07F9F2F5-AE1B-4BE5-8D6B-D16967A208F2", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_690:-:*:*:*:*:*:*:*", matchCriteriaId: "8416729C-0339-4B1C-99AC-C132D45744C7", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_745:-:*:*:*:*:*:*:*", matchCriteriaId: "8E733A3A-347E-4147-89AE-9EEC9B4DB787", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_750:-:*:*:*:*:*:*:*", matchCriteriaId: "EDC42D37-5DDE-4545-A4B9-7701749C0982", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_750_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "7F2F1B32-CFEE-4417-843D-880302E4D6FF", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_760:-:*:*:*:*:*:*:*", matchCriteriaId: "B5176FD7-C3F6-4642-831C-1FE33D3E3B35", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_760_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "F61534DC-EA6D-42E8-9AE5-AE6420906318", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_770:-:*:*:*:*:*:*:*", matchCriteriaId: "530C2C04-A37D-442C-BB0E-BEA01864D73C", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_780:-:*:*:*:*:*:*:*", matchCriteriaId: "22A5378C-2395-4D23-BD06-0995C5637857", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_780_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "D651C50E-63D1-4FC6-8EEA-095E17A1342A", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_950:-:*:*:*:*:*:*:*", matchCriteriaId: "52379F40-A0B8-404F-8187-26D085F3568A", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_960:-:*:*:*:*:*:*:*", matchCriteriaId: "29D0D308-1A59-4D8C-930C-2B480E718FB2", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_970:-:*:*:*:*:*:*:*", matchCriteriaId: "B957ED4F-2A0E-4E6E-AF06-CC09722A4008", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_980:-:*:*:*:*:*:*:*", matchCriteriaId: "280BE7CC-3E8C-4630-BDA3-CFC409C2E5A2", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_titan_x:-:*:*:*:*:*:*:*", matchCriteriaId: "5A7ED258-77DC-45FA-B6AE-B9310049ECDE", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_rtx_2060:-:*:*:*:*:*:*:*", matchCriteriaId: "B5743279-2E97-4D92-A43B-732B9AE0979C", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_rtx_2060_super:-:*:*:*:*:*:*:*", matchCriteriaId: "A54F1D17-30C3-4912-858B-B656AE636C58", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_rtx_2070:-:*:*:*:*:*:*:*", matchCriteriaId: "9472E1FC-B22D-437B-A62E-9476A903F2BC", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_rtx_2070_super:-:*:*:*:*:*:*:*", matchCriteriaId: "483E83C0-FD09-4473-8036-A2E1C362A2E0", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_rtx_2080:-:*:*:*:*:*:*:*", matchCriteriaId: "88DEB01F-0C63-4EA1-878A-2DC9701DAA41", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_rtx_2080_super:-:*:*:*:*:*:*:*", matchCriteriaId: "633AB383-A5D6-4F0F-A973-FE777117A856", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_rtx_2080_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "0BF0DE98-5862-4738-A8D5-06C9599B5317", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:gtx_titan:-:*:*:*:*:*:*:*", matchCriteriaId: "114895F2-AE45-4A46-BCFF-FD7C2573D88B", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:gtx_titan_black:-:*:*:*:*:*:*:*", matchCriteriaId: "E4A83155-9EA1-4F67-803F-3F8F692C6729", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:gtx_titan_z:-:*:*:*:*:*:*:*", matchCriteriaId: "FED1874A-9E4B-4725-A130-6CA872D491CA", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*", matchCriteriaId: "E0E081CB-B6EC-42DC-BA04-BCA13C17D190", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*", matchCriteriaId: "4F92D471-8E65-41FC-A5DE-255136F6F989", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*", matchCriteriaId: "E29459F7-997A-4B87-9164-6E3B5158ADC3", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_nano:-:*:*:*:*:*:*:*", matchCriteriaId: "2B2B041F-21A8-4F0B-BBAF-7CDD8B911547", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_nano:-:*:-:*:*:*:*:*", matchCriteriaId: "9244F123-8518-4D81-AD26-5695F27F413B", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_nano:-:*:developer_kit:*:*:*:*:*", matchCriteriaId: "80BF53A0-8FDF-4827-9C00-ED082C4A68C7", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*", matchCriteriaId: "86D1FDAD-C594-43D9-9BF6-F7461177AB91", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*", matchCriteriaId: "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*", matchCriteriaId: "71994F94-5279-4107-99F5-48990AE0C686", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "64C3FB58-08AA-4FE4-97BE-21B254BA229F", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*", matchCriteriaId: "5DF55ABB-1B4F-452E-9D84-C01A638F88A0", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "B0AA5976-FD71-4A53-BD4F-D342E871FEB0", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:developer_kit:*:*:*:*:*", matchCriteriaId: "3E54B955-F0E2-44BD-9B8C-3C788BBCF2A9", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:production:*:*:*:*:*", matchCriteriaId: "3E0C93C3-26F6-48E4-BADA-4DB05A7BA9D1", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:nvidia_hgx-2:-:*:*:*:*:*:*:*", matchCriteriaId: "9D697CF9-CBAE-4E29-AA3C-50FEDEB4F20E", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:nvidia_t1000:-:*:*:*:*:*:*:*", matchCriteriaId: "284CDDF2-12D5-4A35-9A1F-496E9112F798", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:nvidia_t2000:-:*:*:*:*:*:*:*", matchCriteriaId: "98CD730F-BBB7-4EE0-93B5-88555B9494B7", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:nvidia_t4:-:*:*:*:*:*:*:*", matchCriteriaId: "1292795D-A6ED-40D6-BE2D-D396909C5D59", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:nvidia_t400:-:*:*:*:*:*:*:*", matchCriteriaId: "80AA0372-BA25-4C5E-B464-13AB660D1D98", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:nvidia_t600:-:*:*:*:*:*:*:*", matchCriteriaId: "F6A7C069-DE2C-4390-8B2C-8A3175D692F7", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_gv100:-:*:*:*:*:*:*:*", matchCriteriaId: "A30CCD00-60D7-42B5-B88C-AF2BD81B796F", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*", matchCriteriaId: "3896B47E-8787-45D2-96B3-BF4892780F35", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m1200:-:*:*:*:*:*:*:*", matchCriteriaId: "A1E9293F-C51A-40B0-9461-83A31366C8C5", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*", matchCriteriaId: "316C9573-7C7D-4429-8563-B74FD752AC51", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*", matchCriteriaId: "6FEC13EF-BB2F-4ED2-BC8B-8234ABAEEE02", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2200:-:*:*:*:*:*:*:*", matchCriteriaId: "E607C924-1682-4348-B6BF-31912E3A3D13", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*", matchCriteriaId: "B5E13B65-F61B-44D4-B1D7-1E96D9CB45BD", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*", matchCriteriaId: "76ABA317-6621-4D57-874F-307451EC9C2E", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*", matchCriteriaId: "477D72B5-A3EA-440A-B495-8A09E8564E8D", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*", matchCriteriaId: "F2B507EE-F005-4806-A8FC-8C8D9A31B0DB", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*", matchCriteriaId: "DAD67DC6-AA36-4F93-B8DB-77EB8C153BCA", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*", matchCriteriaId: "E707A80B-6482-47DD-8BF3-6E58BC2C697A", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m520:-:*:*:*:*:*:*:*", matchCriteriaId: "2F5E94B4-0DF1-4F79-87A0-C90A6131091B", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*", matchCriteriaId: "0E8D2AC7-DC75-4BBA-BF4E-58BF88B49B11", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*", matchCriteriaId: "ED233BC3-6982-41E1-9205-5159C17A4A56", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*", matchCriteriaId: "7C186F38-89C7-4616-A424-201804F842C9", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m620:-:*:*:*:*:*:*:*", matchCriteriaId: "DB2D3A4D-0C03-402F-BB8A-2DE5AE14FDA5", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p1000:-:*:*:*:*:*:*:*", matchCriteriaId: "DFB1F23E-99C5-4FBC-9E9C-8AD8A05AE8C8", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p2000:-:*:*:*:*:*:*:*", matchCriteriaId: "05069DB9-7DD0-4FF1-8D98-8DC3A0B2AF77", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p2200:-:*:*:*:*:*:*:*", matchCriteriaId: "02BC9134-0188-4F79-BAB6-77409617D752", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p3000:-:*:*:*:*:*:*:*", matchCriteriaId: "BC64DC02-91A7-4E10-9023-6932A4A14D77", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p3200:-:*:*:*:*:*:*:*", matchCriteriaId: "C91BB45E-C2BF-4B48-892B-82EF5710AA7E", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p400:-:*:*:*:*:*:*:*", matchCriteriaId: "5E7CC54F-15FE-4ED8-AA5D-900AAFFAEEC6", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p4000:-:*:*:*:*:*:*:*", matchCriteriaId: "8FBB9DDD-963E-4B10-B0BC-99588C82969F", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p4200:-:*:*:*:*:*:*:*", matchCriteriaId: "CECB5A97-0088-4ACD-9A9C-964D4C3DE699", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p500:-:*:*:*:*:*:*:*", matchCriteriaId: "4E57FD81-AC93-49BE-B0E1-FB5699CE7A52", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*", matchCriteriaId: "DCDC421C-3B8F-4EAA-A2D4-14C14CD7F3DB", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p520:-:*:*:*:*:*:*:*", matchCriteriaId: "453E0F78-7B35-42B2-B5FA-43ACE9F7602A", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p5200:-:*:*:*:*:*:*:*", matchCriteriaId: "004D6C59-E6C9-4E0E-BBA8-8E3AD0F0BC1F", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p600:-:*:*:*:*:*:*:*", matchCriteriaId: "BC5FA1F3-5D7E-4085-B5D3-D86CF5A6E412", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*", matchCriteriaId: "60176B23-2751-4415-A0D3-DF1BE640F6C3", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p620:-:*:*:*:*:*:*:*", matchCriteriaId: "3F9219FD-849D-4A0A-97F0-85492B4B2189", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_rtx_3000:-:*:*:*:*:*:*:*", matchCriteriaId: "7F4AB1BC-2B82-4C12-96B0-B269462032B3", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_rtx_4000:-:*:*:*:*:*:*:*", matchCriteriaId: "323643CB-D03C-47D1-9FAF-0A5C0777DF61", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_rtx_5000:-:*:*:*:*:*:*:*", matchCriteriaId: "A5175F77-1E61-4296-AFDD-F00D1C0B5560", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_rtx_6000:-:*:*:*:*:*:*:*", matchCriteriaId: "F06F4994-5EDF-4652-B673-4F90907994DE", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_rtx_8000:-:*:*:*:*:*:*:*", matchCriteriaId: "66216B9A-F79D-4681-BBC4-6F5D80A3E5EE", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_t1000:-:*:*:*:*:*:*:*", matchCriteriaId: "33D439F5-86EC-47FC-826A-229C028EB149", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_t2000:-:*:*:*:*:*:*:*", matchCriteriaId: "CD476101-4981-46F9-9898-717701C0CAE0", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_t400:-:*:*:*:*:*:*:*", matchCriteriaId: "85351FD4-28CD-4392-B154-90E4DE270F7F", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_t600:-:*:*:*:*:*:*:*", matchCriteriaId: "109B8099-C1AD-4695-877A-13B4301FEBB7", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:shield_tv:-:*:*:*:*:*:*:*", matchCriteriaId: "49F85C44-6B7E-4B7C-AC8D-9D5727DFA0B8", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:shield_tv_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "76300BC2-B496-4B4D-979B-6C56F590449A", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_m10:-:*:*:*:*:*:*:*", matchCriteriaId: "343850DA-E975-467A-99A2-852E24135DD2", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_m4:-:*:*:*:*:*:*:*", matchCriteriaId: "B8C459A6-EE1D-482F-BC23-866836870512", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_m40:-:*:*:*:*:*:*:*", matchCriteriaId: "A6DDBF7C-C346-4515-AD0D-922E7E2F09E8", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_m6:-:*:*:*:*:*:*:*", matchCriteriaId: "2E92C2C2-1CF7-4531-B431-D67BF6049635", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_m60:-:*:*:*:*:*:*:*", matchCriteriaId: "44B63168-6671-4D31-A984-B0A0F71CB799", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_p100:-:*:*:*:*:*:*:*", matchCriteriaId: "6299665D-182A-4F2C-B451-1103B943CAE2", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_p4:-:*:*:*:*:*:*:*", matchCriteriaId: "EDCAD45A-986C-42AE-80F6-728E9427187C", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_p40:-:*:*:*:*:*:*:*", matchCriteriaId: "B4D9D634-1F0C-49A7-B680-24423CA6468E", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_p6:-:*:*:*:*:*:*:*", matchCriteriaId: "656DD5D8-A9DC-4A18-A444-C1D73580C6E9", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_v100:-:*:*:*:*:*:*:*", matchCriteriaId: "B2CC382C-4F8D-471B-B525-DE28D60E14EF", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_v100s:-:*:*:*:*:*:*:*", matchCriteriaId: "E5E8719D-831E-4703-9989-A33782F4FFBE", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:titan_rtx:-:*:*:*:*:*:*:*", matchCriteriaId: "C494A0AF-5DBF-47BE-8156-3CB876BAE779", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:titan_v:-:*:*:*:*:*:*:*", matchCriteriaId: "8751F9FE-920A-4438-B0E3-F6F493B1B72C", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*", matchCriteriaId: "2FABA79A-A70A-40A5-ADA7-893EAB42FE9E", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:titan_xp:-:*:*:*:*:*:*:*", matchCriteriaId: "0C9A97E1-2F0F-495D-97E8-0538AAC066EE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", matchCriteriaId: "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", vulnerable: false, }, { criteria: "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", matchCriteriaId: "A2572D17-1DE6-457B-99CC-64AFD54487EA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller, which may allow a user with elevated privileges to access protected information by identifying, exploiting, and loading vulnerable microcode. Such an attack may lead to information disclosure.", }, { lang: "es", value: "La GPU NVIDIA y el hardware Tegra contienen una vulnerabilidad en el microcontrolador interno que puede permitir a un usuario con privilegios elevados acceder a información protegida identificando, explotando y cargando microcódigo vulnerable. Un ataque de este tipo puede conducir a la divulgación de información", }, ], id: "CVE-2021-23219", lastModified: "2024-11-21T05:51:23.760", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 1.9, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.1, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 0.5, impactScore: 3.6, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.1, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 0.5, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-11-20T15:15:07.933", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5263", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5263", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-11-20 15:15
Modified
2024-11-21 06:10
Severity ?
4.1 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to gain access to information from unscrubbed registers, which may lead to information disclosure.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:dgx-1_p100:-:*:*:*:*:*:*:*", matchCriteriaId: "47EAF1F2-41D7-4F6F-A6F4-CDC36F544204", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:dgx-1_v100:-:*:*:*:*:*:*:*", matchCriteriaId: "CBFD6294-13E6-4615-8BB0-7863CC5E62B4", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:dgx-2:-:*:*:*:*:*:*:*", matchCriteriaId: "2578180E-CD9E-4D45-B092-CEFDC3653878", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:dgx_station_a100:-:*:*:*:*:*:*:*", matchCriteriaId: "96A05233-855C-4099-BF73-0D04F8F58A44", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:drive_constellation:-:*:*:*:*:*:*:*", matchCriteriaId: "36517415-0642-4DF2-9CAF-CC73DFD301D3", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_605:-:*:*:*:*:*:*:*", matchCriteriaId: "6A6FE1DB-4930-46B5-868D-4445EF312A33", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_610:-:*:*:*:*:*:*:*", matchCriteriaId: "B600A94B-877D-42BA-B4F7-360198F3ECF6", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_620:-:*:*:*:*:*:*:*", matchCriteriaId: "36438CBB-37FB-455B-AE50-D68726E092BD", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_625:-:*:*:*:*:*:*:*", matchCriteriaId: "EC98A0F7-89B0-4BE0-A6EE-58EA39781E53", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_630:-:*:*:*:*:*:*:*", matchCriteriaId: "0B8C2CAC-B37E-47AD-AF02-C6BF5952DF87", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_635:-:*:*:*:*:*:*:*", matchCriteriaId: "635D27CF-65F3-4166-867E-7FD25EEE5303", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_640:-:*:*:*:*:*:*:*", matchCriteriaId: "95DB79D1-C580-4A62-B177-7E47737147F9", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_705:-:*:*:*:*:*:*:*", matchCriteriaId: "0225FE8D-16A7-4400-94F2-CE857D2255C7", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*", matchCriteriaId: "1B72BBAC-CEBD-4405-B1EC-7535794FF5EB", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_720:-:*:*:*:*:*:*:*", matchCriteriaId: "BCC9048C-F848-48AD-BD5D-59D36E684949", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*", matchCriteriaId: "A2C9365F-B4A5-4EA2-917B-2F07457017EB", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_740:-:*:*:*:*:*:*:*", matchCriteriaId: "21FE9995-2F38-4257-9FE1-2495D05D1993", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1050:-:*:*:*:*:*:*:*", matchCriteriaId: "D835EE77-6031-40D6-8305-F962F42E7018", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1050_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "49C8D547-A817-4A62-9045-789843998A18", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1060:-:*:*:*:*:*:*:*", matchCriteriaId: "F0ED6F8E-1F82-4C50-9EEF-A5F58DB440AD", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1070:-:*:*:*:*:*:*:*", matchCriteriaId: "E884CEDD-CAA5-489D-A526-B628BB3DE460", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1070_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "73F427BC-F15D-443D-B7F8-B0BB0C52C427", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1080:-:*:*:*:*:*:*:*", matchCriteriaId: "9E3455DE-4408-4603-86B2-5ECE76ED459C", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1080_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "57CA2FAC-9170-4E68-B6A6-E2CD9CCF0600", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1650:-:*:*:*:*:*:*:*", matchCriteriaId: "2E8B18CF-58CF-48C8-A4AE-F6922E215E5C", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1650_super:-:*:*:*:*:*:*:*", matchCriteriaId: "FD84C049-7F87-4C92-9FCB-7BD7382E25E9", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1660:-:*:*:*:*:*:*:*", matchCriteriaId: "573887F7-E422-48AA-8205-56166D81536C", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1660_super:-:*:*:*:*:*:*:*", matchCriteriaId: "DA37A3BB-35DF-4863-9A95-29B631587DB0", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_1660_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "D3913E75-6B38-498F-9C6A-A4A8B752D5BC", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_645:-:*:*:*:*:*:*:*", matchCriteriaId: "C519FF2F-0AE9-4290-8115-F60EB9B830C3", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_650:-:*:*:*:*:*:*:*", matchCriteriaId: "0D0E7C6F-C42F-40E1-9DF1-2ED17938DCC1", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_650_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "3A978D1E-BD96-4534-83FE-434F0157AB54", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_650_ti_boost:-:*:*:*:*:*:*:*", matchCriteriaId: "0FCD9648-DA33-4F4F-9AC7-7FB826205729", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_660:-:*:*:*:*:*:*:*", matchCriteriaId: "89B38FD5-B548-4BF7-8E35-37701320569C", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_660_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "7AD0960F-EBEF-4876-8DC6-7B42B799105F", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_670:-:*:*:*:*:*:*:*", matchCriteriaId: "4A4F5E65-0E6F-47FD-8E5B-D00D5F82D467", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_680:-:*:*:*:*:*:*:*", matchCriteriaId: "07F9F2F5-AE1B-4BE5-8D6B-D16967A208F2", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_690:-:*:*:*:*:*:*:*", matchCriteriaId: "8416729C-0339-4B1C-99AC-C132D45744C7", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_745:-:*:*:*:*:*:*:*", matchCriteriaId: "8E733A3A-347E-4147-89AE-9EEC9B4DB787", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_750:-:*:*:*:*:*:*:*", matchCriteriaId: "EDC42D37-5DDE-4545-A4B9-7701749C0982", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_750_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "7F2F1B32-CFEE-4417-843D-880302E4D6FF", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_760:-:*:*:*:*:*:*:*", matchCriteriaId: "B5176FD7-C3F6-4642-831C-1FE33D3E3B35", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_760_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "F61534DC-EA6D-42E8-9AE5-AE6420906318", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_770:-:*:*:*:*:*:*:*", matchCriteriaId: "530C2C04-A37D-442C-BB0E-BEA01864D73C", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_780:-:*:*:*:*:*:*:*", matchCriteriaId: "22A5378C-2395-4D23-BD06-0995C5637857", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_780_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "D651C50E-63D1-4FC6-8EEA-095E17A1342A", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_950:-:*:*:*:*:*:*:*", matchCriteriaId: "52379F40-A0B8-404F-8187-26D085F3568A", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_960:-:*:*:*:*:*:*:*", matchCriteriaId: "29D0D308-1A59-4D8C-930C-2B480E718FB2", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_970:-:*:*:*:*:*:*:*", matchCriteriaId: "B957ED4F-2A0E-4E6E-AF06-CC09722A4008", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_980:-:*:*:*:*:*:*:*", matchCriteriaId: "280BE7CC-3E8C-4630-BDA3-CFC409C2E5A2", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_titan_x:-:*:*:*:*:*:*:*", matchCriteriaId: "5A7ED258-77DC-45FA-B6AE-B9310049ECDE", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_rtx_2060:-:*:*:*:*:*:*:*", matchCriteriaId: "B5743279-2E97-4D92-A43B-732B9AE0979C", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_rtx_2060_super:-:*:*:*:*:*:*:*", matchCriteriaId: "A54F1D17-30C3-4912-858B-B656AE636C58", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_rtx_2070:-:*:*:*:*:*:*:*", matchCriteriaId: "9472E1FC-B22D-437B-A62E-9476A903F2BC", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_rtx_2070_super:-:*:*:*:*:*:*:*", matchCriteriaId: "483E83C0-FD09-4473-8036-A2E1C362A2E0", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_rtx_2080:-:*:*:*:*:*:*:*", matchCriteriaId: "88DEB01F-0C63-4EA1-878A-2DC9701DAA41", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_rtx_2080_super:-:*:*:*:*:*:*:*", matchCriteriaId: "633AB383-A5D6-4F0F-A973-FE777117A856", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_rtx_2080_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "0BF0DE98-5862-4738-A8D5-06C9599B5317", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:gtx_titan:-:*:*:*:*:*:*:*", matchCriteriaId: "114895F2-AE45-4A46-BCFF-FD7C2573D88B", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:gtx_titan_black:-:*:*:*:*:*:*:*", matchCriteriaId: "E4A83155-9EA1-4F67-803F-3F8F692C6729", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:gtx_titan_z:-:*:*:*:*:*:*:*", matchCriteriaId: "FED1874A-9E4B-4725-A130-6CA872D491CA", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*", matchCriteriaId: "E0E081CB-B6EC-42DC-BA04-BCA13C17D190", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*", matchCriteriaId: "4F92D471-8E65-41FC-A5DE-255136F6F989", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*", matchCriteriaId: "E29459F7-997A-4B87-9164-6E3B5158ADC3", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_nano:-:*:*:*:*:*:*:*", matchCriteriaId: "2B2B041F-21A8-4F0B-BBAF-7CDD8B911547", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_nano:-:*:-:*:*:*:*:*", matchCriteriaId: "9244F123-8518-4D81-AD26-5695F27F413B", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_nano:-:*:developer_kit:*:*:*:*:*", matchCriteriaId: "80BF53A0-8FDF-4827-9C00-ED082C4A68C7", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*", matchCriteriaId: "86D1FDAD-C594-43D9-9BF6-F7461177AB91", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*", matchCriteriaId: "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*", matchCriteriaId: "71994F94-5279-4107-99F5-48990AE0C686", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "64C3FB58-08AA-4FE4-97BE-21B254BA229F", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*", matchCriteriaId: "5DF55ABB-1B4F-452E-9D84-C01A638F88A0", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "B0AA5976-FD71-4A53-BD4F-D342E871FEB0", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:developer_kit:*:*:*:*:*", matchCriteriaId: "3E54B955-F0E2-44BD-9B8C-3C788BBCF2A9", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:production:*:*:*:*:*", matchCriteriaId: "3E0C93C3-26F6-48E4-BADA-4DB05A7BA9D1", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:nvidia_hgx-2:-:*:*:*:*:*:*:*", matchCriteriaId: "9D697CF9-CBAE-4E29-AA3C-50FEDEB4F20E", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:nvidia_t1000:-:*:*:*:*:*:*:*", matchCriteriaId: "284CDDF2-12D5-4A35-9A1F-496E9112F798", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:nvidia_t2000:-:*:*:*:*:*:*:*", matchCriteriaId: "98CD730F-BBB7-4EE0-93B5-88555B9494B7", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:nvidia_t4:-:*:*:*:*:*:*:*", matchCriteriaId: "1292795D-A6ED-40D6-BE2D-D396909C5D59", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:nvidia_t400:-:*:*:*:*:*:*:*", matchCriteriaId: "80AA0372-BA25-4C5E-B464-13AB660D1D98", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:nvidia_t600:-:*:*:*:*:*:*:*", matchCriteriaId: "F6A7C069-DE2C-4390-8B2C-8A3175D692F7", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_gv100:-:*:*:*:*:*:*:*", matchCriteriaId: "A30CCD00-60D7-42B5-B88C-AF2BD81B796F", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*", matchCriteriaId: "3896B47E-8787-45D2-96B3-BF4892780F35", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m1200:-:*:*:*:*:*:*:*", matchCriteriaId: "A1E9293F-C51A-40B0-9461-83A31366C8C5", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*", matchCriteriaId: "316C9573-7C7D-4429-8563-B74FD752AC51", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*", matchCriteriaId: "6FEC13EF-BB2F-4ED2-BC8B-8234ABAEEE02", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2200:-:*:*:*:*:*:*:*", matchCriteriaId: "E607C924-1682-4348-B6BF-31912E3A3D13", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*", matchCriteriaId: "B5E13B65-F61B-44D4-B1D7-1E96D9CB45BD", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*", matchCriteriaId: "76ABA317-6621-4D57-874F-307451EC9C2E", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*", matchCriteriaId: "477D72B5-A3EA-440A-B495-8A09E8564E8D", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*", matchCriteriaId: "F2B507EE-F005-4806-A8FC-8C8D9A31B0DB", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*", matchCriteriaId: "DAD67DC6-AA36-4F93-B8DB-77EB8C153BCA", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*", matchCriteriaId: "E707A80B-6482-47DD-8BF3-6E58BC2C697A", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m520:-:*:*:*:*:*:*:*", matchCriteriaId: "2F5E94B4-0DF1-4F79-87A0-C90A6131091B", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*", matchCriteriaId: "0E8D2AC7-DC75-4BBA-BF4E-58BF88B49B11", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*", matchCriteriaId: "ED233BC3-6982-41E1-9205-5159C17A4A56", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*", matchCriteriaId: "7C186F38-89C7-4616-A424-201804F842C9", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m620:-:*:*:*:*:*:*:*", matchCriteriaId: "DB2D3A4D-0C03-402F-BB8A-2DE5AE14FDA5", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p1000:-:*:*:*:*:*:*:*", matchCriteriaId: "DFB1F23E-99C5-4FBC-9E9C-8AD8A05AE8C8", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p2000:-:*:*:*:*:*:*:*", matchCriteriaId: "05069DB9-7DD0-4FF1-8D98-8DC3A0B2AF77", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p2200:-:*:*:*:*:*:*:*", matchCriteriaId: "02BC9134-0188-4F79-BAB6-77409617D752", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p3000:-:*:*:*:*:*:*:*", matchCriteriaId: "BC64DC02-91A7-4E10-9023-6932A4A14D77", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p3200:-:*:*:*:*:*:*:*", matchCriteriaId: "C91BB45E-C2BF-4B48-892B-82EF5710AA7E", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p400:-:*:*:*:*:*:*:*", matchCriteriaId: "5E7CC54F-15FE-4ED8-AA5D-900AAFFAEEC6", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p4000:-:*:*:*:*:*:*:*", matchCriteriaId: "8FBB9DDD-963E-4B10-B0BC-99588C82969F", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p4200:-:*:*:*:*:*:*:*", matchCriteriaId: "CECB5A97-0088-4ACD-9A9C-964D4C3DE699", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p500:-:*:*:*:*:*:*:*", matchCriteriaId: "4E57FD81-AC93-49BE-B0E1-FB5699CE7A52", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p5000:-:*:*:*:*:*:*:*", matchCriteriaId: "DCDC421C-3B8F-4EAA-A2D4-14C14CD7F3DB", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p520:-:*:*:*:*:*:*:*", matchCriteriaId: "453E0F78-7B35-42B2-B5FA-43ACE9F7602A", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p5200:-:*:*:*:*:*:*:*", matchCriteriaId: "004D6C59-E6C9-4E0E-BBA8-8E3AD0F0BC1F", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p600:-:*:*:*:*:*:*:*", matchCriteriaId: "BC5FA1F3-5D7E-4085-B5D3-D86CF5A6E412", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p6000:-:*:*:*:*:*:*:*", matchCriteriaId: "60176B23-2751-4415-A0D3-DF1BE640F6C3", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_p620:-:*:*:*:*:*:*:*", matchCriteriaId: "3F9219FD-849D-4A0A-97F0-85492B4B2189", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_rtx_3000:-:*:*:*:*:*:*:*", matchCriteriaId: "7F4AB1BC-2B82-4C12-96B0-B269462032B3", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_rtx_4000:-:*:*:*:*:*:*:*", matchCriteriaId: "323643CB-D03C-47D1-9FAF-0A5C0777DF61", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_rtx_5000:-:*:*:*:*:*:*:*", matchCriteriaId: "A5175F77-1E61-4296-AFDD-F00D1C0B5560", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_rtx_6000:-:*:*:*:*:*:*:*", matchCriteriaId: "F06F4994-5EDF-4652-B673-4F90907994DE", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_rtx_8000:-:*:*:*:*:*:*:*", matchCriteriaId: "66216B9A-F79D-4681-BBC4-6F5D80A3E5EE", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_t1000:-:*:*:*:*:*:*:*", matchCriteriaId: "33D439F5-86EC-47FC-826A-229C028EB149", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_t2000:-:*:*:*:*:*:*:*", matchCriteriaId: "CD476101-4981-46F9-9898-717701C0CAE0", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_t400:-:*:*:*:*:*:*:*", matchCriteriaId: "85351FD4-28CD-4392-B154-90E4DE270F7F", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_t600:-:*:*:*:*:*:*:*", matchCriteriaId: "109B8099-C1AD-4695-877A-13B4301FEBB7", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:shield_tv:-:*:*:*:*:*:*:*", matchCriteriaId: "49F85C44-6B7E-4B7C-AC8D-9D5727DFA0B8", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:shield_tv_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "76300BC2-B496-4B4D-979B-6C56F590449A", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_m10:-:*:*:*:*:*:*:*", matchCriteriaId: "343850DA-E975-467A-99A2-852E24135DD2", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_m4:-:*:*:*:*:*:*:*", matchCriteriaId: "B8C459A6-EE1D-482F-BC23-866836870512", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_m40:-:*:*:*:*:*:*:*", matchCriteriaId: "A6DDBF7C-C346-4515-AD0D-922E7E2F09E8", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_m6:-:*:*:*:*:*:*:*", matchCriteriaId: "2E92C2C2-1CF7-4531-B431-D67BF6049635", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_m60:-:*:*:*:*:*:*:*", matchCriteriaId: "44B63168-6671-4D31-A984-B0A0F71CB799", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_p100:-:*:*:*:*:*:*:*", matchCriteriaId: "6299665D-182A-4F2C-B451-1103B943CAE2", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_p4:-:*:*:*:*:*:*:*", matchCriteriaId: "EDCAD45A-986C-42AE-80F6-728E9427187C", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_p40:-:*:*:*:*:*:*:*", matchCriteriaId: "B4D9D634-1F0C-49A7-B680-24423CA6468E", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_p6:-:*:*:*:*:*:*:*", matchCriteriaId: "656DD5D8-A9DC-4A18-A444-C1D73580C6E9", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_v100:-:*:*:*:*:*:*:*", matchCriteriaId: "B2CC382C-4F8D-471B-B525-DE28D60E14EF", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_v100s:-:*:*:*:*:*:*:*", matchCriteriaId: "E5E8719D-831E-4703-9989-A33782F4FFBE", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:titan_rtx:-:*:*:*:*:*:*:*", matchCriteriaId: "C494A0AF-5DBF-47BE-8156-3CB876BAE779", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:titan_v:-:*:*:*:*:*:*:*", matchCriteriaId: "8751F9FE-920A-4438-B0E3-F6F493B1B72C", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:titan_x:-:*:*:*:*:*:*:*", matchCriteriaId: "2FABA79A-A70A-40A5-ADA7-893EAB42FE9E", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:titan_xp:-:*:*:*:*:*:*:*", matchCriteriaId: "0C9A97E1-2F0F-495D-97E8-0538AAC066EE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", matchCriteriaId: "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", vulnerable: false, }, { criteria: "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", matchCriteriaId: "A2572D17-1DE6-457B-99CC-64AFD54487EA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to gain access to information from unscrubbed registers, which may lead to information disclosure.", }, { lang: "es", value: "La GPU NVIDIA y el hardware Tegra contienen una vulnerabilidad en el microcontrolador interno que puede permitir a un usuario con altos privilegios acceder a información de registros no depurados, que puede conllevar a una divulgación de información", }, ], id: "CVE-2021-34399", lastModified: "2024-11-21T06:10:19.100", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.1, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 0.5, impactScore: 3.6, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-11-20T15:15:07.983", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5263", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5263", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-08-11 22:15
Modified
2024-11-21 05:43
Severity ?
7.3 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H
7.3 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H
7.3 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H
Summary
NVIDIA Linux kernel distributions contain a vulnerability in FuSa Capture (VI/ISP), where integer underflow due to lack of input validation may lead to complete denial of service, partial integrity, and serious confidentiality loss for all processes in the system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_linux | * | |
| nvidia | jetson_agx_xavier | - | |
| nvidia | jetson_nano | - | |
| nvidia | jetson_nano_2gb | - | |
| nvidia | jetson_tx1 | - | |
| nvidia | jetson_tx2 | - | |
| nvidia | jetson_tx2_nx | - | |
| nvidia | jetson_xavier_nx | - | |
| nvidia | shield_experience | * | |
| nvidia | shield_tv | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*", matchCriteriaId: "9E69A431-2B5A-4718-BCD2-CA2D1077641B", versionEndExcluding: "32.6.1", versionStartIncluding: "32.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier:-:*:*:*:*:*:*:*", matchCriteriaId: "5DD3D2AA-2A9F-470D-BB0F-A7B7C2EC2490", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_nano:-:*:*:*:*:*:*:*", matchCriteriaId: "2B2B041F-21A8-4F0B-BBAF-7CDD8B911547", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_nano_2gb:-:*:*:*:*:*:*:*", matchCriteriaId: "52E153CA-BE89-4C66-8B72-8901BF592423", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*", matchCriteriaId: "86D1FDAD-C594-43D9-9BF6-F7461177AB91", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*", matchCriteriaId: "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "64C3FB58-08AA-4FE4-97BE-21B254BA229F", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "B0AA5976-FD71-4A53-BD4F-D342E871FEB0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:shield_experience:*:*:*:*:*:*:*:*", matchCriteriaId: "71B40848-51B9-47D6-83D9-B45EDBA785DA", versionEndExcluding: "9.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:shield_tv:-:*:*:*:*:*:*:*", matchCriteriaId: "49F85C44-6B7E-4B7C-AC8D-9D5727DFA0B8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "NVIDIA Linux kernel distributions contain a vulnerability in FuSa Capture (VI/ISP), where integer underflow due to lack of input validation may lead to complete denial of service, partial integrity, and serious confidentiality loss for all processes in the system.", }, { lang: "es", value: "Las distribuciones del kernel de Linux de NVIDIA contienen una vulnerabilidad en FuSa Capture (VI/ISP), en la que un desbordamiento de enteros debido a la falta de comprobación de entrada puede conllevar a una denegación de servicio completa, una integridad parcial y una grave pérdida de confidencialidad para todos los procesos del sistema", }, ], id: "CVE-2021-1108", lastModified: "2024-11-21T05:43:36.800", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.5, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.5, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-08-11T22:15:08.127", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5216", }, { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5259", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5216", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5259", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-191", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-06-23 18:15
Modified
2024-11-21 07:49
Severity ?
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
NVIDIA Jetson Linux Driver Package contains a vulnerability in nvbootctrl, where a privileged local attacker can configure invalid settings, resulting in denial of service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_linux | * | |
| nvidia | jetson_agx_xavier | - | |
| nvidia | jetson_tx2 | - | |
| nvidia | jetson_tx2_nx | - | |
| nvidia | jetson_xavier_nx | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*", matchCriteriaId: "4F98866A-11A7-4529-B67F-106637A95767", versionEndExcluding: "32.7.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier:-:*:*:*:*:*:*:*", matchCriteriaId: "5DD3D2AA-2A9F-470D-BB0F-A7B7C2EC2490", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*", matchCriteriaId: "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "64C3FB58-08AA-4FE4-97BE-21B254BA229F", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "B0AA5976-FD71-4A53-BD4F-D342E871FEB0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "\nNVIDIA Jetson Linux Driver Package contains a vulnerability in nvbootctrl, where a privileged local attacker can configure invalid settings, resulting in denial of service.\n\n", }, ], id: "CVE-2023-25520", lastModified: "2024-11-21T07:49:39.520", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 3.6, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-06-23T18:15:11.033", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5466", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5466", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "psirt@nvidia.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-08-11 22:15
Modified
2024-11-21 05:43
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
NVIDIA Linux kernel distributions contain a vulnerability in nvmap, where writes may be allowed to read-only buffers, which may result in escalation of privileges, complete denial of service, unconstrained information disclosure, and serious data tampering of all processes on the system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | jetson_linux | * | |
| nvidia | jetson_agx_xavier | - | |
| nvidia | jetson_nano | - | |
| nvidia | jetson_nano_2gb | - | |
| nvidia | jetson_tx1 | - | |
| nvidia | jetson_tx2 | - | |
| nvidia | jetson_tx2_nx | - | |
| nvidia | jetson_xavier_nx | - | |
| nvidia | shield_experience | * | |
| nvidia | shield_tv | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*", matchCriteriaId: "9E69A431-2B5A-4718-BCD2-CA2D1077641B", versionEndExcluding: "32.6.1", versionStartIncluding: "32.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:jetson_agx_xavier:-:*:*:*:*:*:*:*", matchCriteriaId: "5DD3D2AA-2A9F-470D-BB0F-A7B7C2EC2490", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_nano:-:*:*:*:*:*:*:*", matchCriteriaId: "2B2B041F-21A8-4F0B-BBAF-7CDD8B911547", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_nano_2gb:-:*:*:*:*:*:*:*", matchCriteriaId: "52E153CA-BE89-4C66-8B72-8901BF592423", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*", matchCriteriaId: "86D1FDAD-C594-43D9-9BF6-F7461177AB91", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*", matchCriteriaId: "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "64C3FB58-08AA-4FE4-97BE-21B254BA229F", vulnerable: false, }, { criteria: "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*", matchCriteriaId: "B0AA5976-FD71-4A53-BD4F-D342E871FEB0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:shield_experience:*:*:*:*:*:*:*:*", matchCriteriaId: "71B40848-51B9-47D6-83D9-B45EDBA785DA", versionEndExcluding: "9.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:shield_tv:-:*:*:*:*:*:*:*", matchCriteriaId: "49F85C44-6B7E-4B7C-AC8D-9D5727DFA0B8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "NVIDIA Linux kernel distributions contain a vulnerability in nvmap, where writes may be allowed to read-only buffers, which may result in escalation of privileges, complete denial of service, unconstrained information disclosure, and serious data tampering of all processes on the system.", }, { lang: "es", value: "Las distribuciones del kernel de Linux de NVIDIA contienen una vulnerabilidad en nvmap, donde se pueden permitir escrituras en búferes de sólo lectura, lo que puede resultar en una escalada de privilegios, una denegación de servicio completa, una divulgación de información sin restricciones y una grave alteración de los datos de todos los procesos del sistema", }, ], id: "CVE-2021-1106", lastModified: "2024-11-21T05:43:36.550", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-08-11T22:15:07.983", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5216", }, { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5259", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5216", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5259", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
cve-2021-1111
Vulnerability from cvelistv5
Published
2021-08-11 21:33
Modified
2024-08-03 15:55
Severity ?
EPSS score ?
Summary
Bootloader contains a vulnerability in the NV3P server where any user with physical access through USB can trigger an incorrect bounds check, which may lead to buffer overflow, resulting in limited information disclosure, limited data integrity, and denial of service across all components.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5216 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX |
Version: All Jetson Linux versions prior to r32.6.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:55:18.644Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5216", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX", vendor: "NVIDIA", versions: [ { status: "affected", version: "All Jetson Linux versions prior to r32.6.1", }, ], }, ], descriptions: [ { lang: "en", value: "Bootloader contains a vulnerability in the NV3P server where any user with physical access through USB can trigger an incorrect bounds check, which may lead to buffer overflow, resulting in limited information disclosure, limited data integrity, and denial of service across all components.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "PHYSICAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-119", description: "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-01-25T10:37:41", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5216", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@nvidia.com", ID: "CVE-2021-1111", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX", version: { version_data: [ { version_value: "All Jetson Linux versions prior to r32.6.1", }, ], }, }, ], }, vendor_name: "NVIDIA", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Bootloader contains a vulnerability in the NV3P server where any user with physical access through USB can trigger an incorrect bounds check, which may lead to buffer overflow, resulting in limited information disclosure, limited data integrity, and denial of service across all components.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "PHYSICAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer", }, ], }, ], }, references: { reference_data: [ { name: "https://nvidia.custhelp.com/app/answers/detail/a_id/5216", refsource: "CONFIRM", url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5216", }, ], }, source: { discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2021-1111", datePublished: "2021-08-11T21:33:04", dateReserved: "2020-11-12T00:00:00", dateUpdated: "2024-08-03T15:55:18.644Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-34397
Vulnerability from cvelistv5
Published
2021-06-22 21:25
Modified
2024-08-04 00:12
Severity ?
EPSS score ?
Summary
Bootloader contains a vulnerability in NVIDIA MB2, which may cause free-the-wrong-heap, which may lead to limited denial of service.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5205 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | NVIDIA Jetson TX2 series, TX2 NX, AGX Xavier series, Xavier NX |
Version: All Jetson Linux versions prior to r32.5.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T00:12:49.915Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "NVIDIA Jetson TX2 series, TX2 NX, AGX Xavier series, Xavier NX", vendor: "NVIDIA", versions: [ { status: "affected", version: "All Jetson Linux versions prior to r32.5.1", }, ], }, ], descriptions: [ { lang: "en", value: "Bootloader contains a vulnerability in NVIDIA MB2, which may cause free-the-wrong-heap, which may lead to limited denial of service.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 1.9, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "denial of service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-06-22T21:25:33", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@nvidia.com", ID: "CVE-2021-34397", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "NVIDIA Jetson TX2 series, TX2 NX, AGX Xavier series, Xavier NX", version: { version_data: [ { version_value: "All Jetson Linux versions prior to r32.5.1", }, ], }, }, ], }, vendor_name: "NVIDIA", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Bootloader contains a vulnerability in NVIDIA MB2, which may cause free-the-wrong-heap, which may lead to limited denial of service.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 1.9, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "denial of service", }, ], }, ], }, references: { reference_data: [ { name: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", refsource: "CONFIRM", url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], }, source: { discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2021-34397", datePublished: "2021-06-22T21:25:33", dateReserved: "2021-06-09T00:00:00", dateUpdated: "2024-08-04T00:12:49.915Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-34394
Vulnerability from cvelistv5
Published
2021-06-22 21:25
Modified
2024-08-04 00:12
Severity ?
EPSS score ?
Summary
Trusty contains a vulnerability in the NVIDIA OTE protocol that is present in all TAs. An incorrect message stream deserialization allows an attacker to use the malicious CA that is run by the user to cause the buffer overflow, which may lead to information disclosure and data modification.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5205 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | NVIDIA Jetson TX2 series, TX2 NX, AGX Xavier series, Xavier NX |
Version: All Jetson Linux versions prior to r32.5.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T00:12:50.176Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "NVIDIA Jetson TX2 series, TX2 NX, AGX Xavier series, Xavier NX", vendor: "NVIDIA", versions: [ { status: "affected", version: "All Jetson Linux versions prior to r32.5.1", }, ], }, ], descriptions: [ { lang: "en", value: "Trusty contains a vulnerability in the NVIDIA OTE protocol that is present in all TAs. An incorrect message stream deserialization allows an attacker to use the malicious CA that is run by the user to cause the buffer overflow, which may lead to information disclosure and data modification.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.2, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "denial of service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-07-16T22:50:48", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@nvidia.com", ID: "CVE-2021-34394", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "NVIDIA Jetson TX2 series, TX2 NX, AGX Xavier series, Xavier NX", version: { version_data: [ { version_value: "All Jetson Linux versions prior to r32.5.1", }, ], }, }, ], }, vendor_name: "NVIDIA", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Trusty contains a vulnerability in the NVIDIA OTE protocol that is present in all TAs. An incorrect message stream deserialization allows an attacker to use the malicious CA that is run by the user to cause the buffer overflow, which may lead to information disclosure and data modification.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.2, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "denial of service", }, ], }, ], }, references: { reference_data: [ { name: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", refsource: "CONFIRM", url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], }, source: { discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2021-34394", datePublished: "2021-06-22T21:25:29", dateReserved: "2021-06-09T00:00:00", dateUpdated: "2024-08-04T00:12:50.176Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-1109
Vulnerability from cvelistv5
Published
2021-08-11 21:33
Modified
2024-08-03 15:55
Severity ?
EPSS score ?
Summary
NVIDIA camera firmware contains a multistep, timing-related vulnerability where an unauthorized modification by camera resources may result in loss of data integrity or denial of service across several streams.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5216 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson Nano, Jetson Nano 2GB, Jetson TX1. |
Version: All Jetson Linux versions prior to r32.6.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:55:18.681Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5216", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson Nano, Jetson Nano 2GB, Jetson TX1.", vendor: "NVIDIA", versions: [ { status: "affected", version: "All Jetson Linux versions prior to r32.6.1", }, ], }, ], descriptions: [ { lang: "en", value: "NVIDIA camera firmware contains a multistep, timing-related vulnerability where an unauthorized modification by camera resources may result in loss of data integrity or denial of service across several streams.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "data integrity, denial of service.", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-08-11T21:33:02", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5216", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@nvidia.com", ID: "CVE-2021-1109", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson Nano, Jetson Nano 2GB, Jetson TX1.", version: { version_data: [ { version_value: "All Jetson Linux versions prior to r32.6.1", }, ], }, }, ], }, vendor_name: "NVIDIA", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "NVIDIA camera firmware contains a multistep, timing-related vulnerability where an unauthorized modification by camera resources may result in loss of data integrity or denial of service across several streams.", }, ], }, impact: { cvss: { baseScore: 7.2, baseSeverity: "High", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "data integrity, denial of service.", }, ], }, ], }, references: { reference_data: [ { name: "https://nvidia.custhelp.com/app/answers/detail/a_id/5216", refsource: "MISC", url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5216", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2021-1109", datePublished: "2021-08-11T21:33:02", dateReserved: "2020-11-12T00:00:00", dateUpdated: "2024-08-03T15:55:18.681Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-1113
Vulnerability from cvelistv5
Published
2021-08-11 21:33
Modified
2024-08-03 15:55
Severity ?
EPSS score ?
Summary
NVIDIA camera firmware contains a difficult to exploit vulnerability where a highly privileged attacker can cause unauthorized modification to camera resources, which may result in complete denial of service and partial loss of data integrity for all clients.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5216 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson Nano, Jetson Nano 2GB, Jetson TX1 |
Version: All Jetson Linux versions prior to r32.6.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:55:18.645Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5216", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson Nano, Jetson Nano 2GB, Jetson TX1", vendor: "NVIDIA", versions: [ { status: "affected", version: "All Jetson Linux versions prior to r32.6.1", }, ], }, ], descriptions: [ { lang: "en", value: "NVIDIA camera firmware contains a difficult to exploit vulnerability where a highly privileged attacker can cause unauthorized modification to camera resources, which may result in complete denial of service and partial loss of data integrity for all clients.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-284", description: "CWE-284 Improper Access Control", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-01-22T17:30:26", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5216", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@nvidia.com", ID: "CVE-2021-1113", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson Nano, Jetson Nano 2GB, Jetson TX1", version: { version_data: [ { version_value: "All Jetson Linux versions prior to r32.6.1", }, ], }, }, ], }, vendor_name: "NVIDIA", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "NVIDIA camera firmware contains a difficult to exploit vulnerability where a highly privileged attacker can cause unauthorized modification to camera resources, which may result in complete denial of service and partial loss of data integrity for all clients.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-284 Improper Access Control", }, ], }, ], }, references: { reference_data: [ { name: "https://nvidia.custhelp.com/app/answers/detail/a_id/5216", refsource: "CONFIRM", url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5216", }, ], }, source: { discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2021-1113", datePublished: "2021-08-11T21:33:06", dateReserved: "2020-11-12T00:00:00", dateUpdated: "2024-08-03T15:55:18.645Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-34396
Vulnerability from cvelistv5
Published
2021-06-22 21:25
Modified
2024-08-04 00:12
Severity ?
EPSS score ?
Summary
Bootloader contains a vulnerability in access permission settings where unauthorized software may be able to overwrite NVIDIA MB2 code, which would result in limited denial of service.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5205 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | NVIDIA Jetson TX2 series, TX2 NX |
Version: All Jetson Linux versions prior to r32.5.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T00:12:50.016Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "NVIDIA Jetson TX2 series, TX2 NX", vendor: "NVIDIA", versions: [ { status: "affected", version: "All Jetson Linux versions prior to r32.5.1", }, ], }, ], descriptions: [ { lang: "en", value: "Bootloader contains a vulnerability in access permission settings where unauthorized software may be able to overwrite NVIDIA MB2 code, which would result in limited denial of service.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 3, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "denial of service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-06-22T21:25:31", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@nvidia.com", ID: "CVE-2021-34396", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "NVIDIA Jetson TX2 series, TX2 NX", version: { version_data: [ { version_value: "All Jetson Linux versions prior to r32.5.1", }, ], }, }, ], }, vendor_name: "NVIDIA", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Bootloader contains a vulnerability in access permission settings where unauthorized software may be able to overwrite NVIDIA MB2 code, which would result in limited denial of service.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 3, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:L", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "denial of service", }, ], }, ], }, references: { reference_data: [ { name: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", refsource: "CONFIRM", url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], }, source: { discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2021-34396", datePublished: "2021-06-22T21:25:32", dateReserved: "2021-06-09T00:00:00", dateUpdated: "2024-08-04T00:12:50.016Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-28196
Vulnerability from cvelistv5
Published
2022-04-27 17:57
Modified
2024-08-03 05:48
Severity ?
EPSS score ?
Summary
NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot blob_decompress function, where insufficient validation of untrusted data may allow a local attacker with elevated privileges to cause a memory buffer overflow, which may lead to code execution, limited loss of Integrity, and limited denial of service. The scope of impact can extend to other components.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5343 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 NX, Jetson TX2 series |
Version: All 32.x versions prior to 32.7.2 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T05:48:37.325Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5343", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 NX, Jetson TX2 series", vendor: "NVIDIA", versions: [ { status: "affected", version: "All 32.x versions prior to 32.7.2", }, ], }, ], descriptions: [ { lang: "en", value: "NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot blob_decompress function, where insufficient validation of untrusted data may allow a local attacker with elevated privileges to cause a memory buffer overflow, which may lead to code execution, limited loss of Integrity, and limited denial of service. The scope of impact can extend to other components.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 4.6, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20 Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-05-30T18:00:18", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5343", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@nvidia.com", ID: "CVE-2022-28196", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 NX, Jetson TX2 series", version: { version_data: [ { version_value: "All 32.x versions prior to 32.7.2", }, ], }, }, ], }, vendor_name: "NVIDIA", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot blob_decompress function, where insufficient validation of untrusted data may allow a local attacker with elevated privileges to cause a memory buffer overflow, which may lead to code execution, limited loss of Integrity, and limited denial of service. The scope of impact can extend to other components.", }, ], }, impact: { cvss: { baseScore: 4.6, baseSeverity: "Medium", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-20 Improper Input Validation", }, ], }, ], }, references: { reference_data: [ { name: "https://nvidia.custhelp.com/app/answers/detail/a_id/5343", refsource: "MISC", url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5343", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2022-28196", datePublished: "2022-04-27T17:57:44", dateReserved: "2022-03-30T00:00:00", dateUpdated: "2024-08-03T05:48:37.325Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-34377
Vulnerability from cvelistv5
Published
2021-06-30 10:24
Modified
2024-08-04 00:12
Severity ?
EPSS score ?
Summary
Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 9 is missing. Improper restriction of operations within the bounds of a memory buffer might lead to escalation of privileges, information disclosure, and denial of service.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5205 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX |
Version: All Jetson Linux versions prior to r32.5.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T00:12:49.966Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX", vendor: "NVIDIA", versions: [ { status: "affected", version: "All Jetson Linux versions prior to r32.5.1", }, ], }, ], descriptions: [ { lang: "en", value: "Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 9 is missing. Improper restriction of operations within the bounds of a memory buffer might lead to escalation of privileges, information disclosure, and denial of service.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "information disclosure, escalation of privileges, denial of service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-06-30T10:24:31", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@nvidia.com", ID: "CVE-2021-34377", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX", version: { version_data: [ { version_value: "All Jetson Linux versions prior to r32.5.1", }, ], }, }, ], }, vendor_name: "NVIDIA", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 9 is missing. Improper restriction of operations within the bounds of a memory buffer might lead to escalation of privileges, information disclosure, and denial of service.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "information disclosure, escalation of privileges, denial of service", }, ], }, ], }, references: { reference_data: [ { name: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", refsource: "CONFIRM", url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], }, source: { discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2021-34377", datePublished: "2021-06-30T10:24:31", dateReserved: "2021-06-09T00:00:00", dateUpdated: "2024-08-04T00:12:49.966Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-1112
Vulnerability from cvelistv5
Published
2021-08-11 21:33
Modified
2024-08-03 15:55
Severity ?
EPSS score ?
Summary
NVIDIA Linux kernel distributions contain a vulnerability in nvmap, where a null pointer dereference may lead to complete denial of service.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5216 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson Nano, Jetson Nano 2GB, Jetson TX1 |
Version: All Jetson Linux versions prior to r32.6.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:55:18.681Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5216", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson Nano, Jetson Nano 2GB, Jetson TX1", vendor: "NVIDIA", versions: [ { status: "affected", version: "All Jetson Linux versions prior to r32.6.1", }, ], }, ], descriptions: [ { lang: "en", value: "NVIDIA Linux kernel distributions contain a vulnerability in nvmap, where a null pointer dereference may lead to complete denial of service.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "Null Pointer Dereference", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-08-24T15:57:08", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5216", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@nvidia.com", ID: "CVE-2021-1112", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson Nano, Jetson Nano 2GB, Jetson TX1", version: { version_data: [ { version_value: "All Jetson Linux versions prior to r32.6.1", }, ], }, }, ], }, vendor_name: "NVIDIA", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "NVIDIA Linux kernel distributions contain a vulnerability in nvmap, where a null pointer dereference may lead to complete denial of service.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Null Pointer Dereference", }, ], }, ], }, references: { reference_data: [ { name: "https://nvidia.custhelp.com/app/answers/detail/a_id/5216", refsource: "CONFIRM", url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5216", }, ], }, source: { discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2021-1112", datePublished: "2021-08-11T21:33:05", dateReserved: "2020-11-12T00:00:00", dateUpdated: "2024-08-03T15:55:18.681Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-1114
Vulnerability from cvelistv5
Published
2021-08-11 21:33
Modified
2024-08-03 15:55
Severity ?
EPSS score ?
Summary
NVIDIA Linux kernel distributions contain a vulnerability in the kernel crypto node, where use after free may lead to complete denial of service.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5216 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX |
Version: All Jetson Linux versions prior to r32.6.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:55:18.530Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5216", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX", vendor: "NVIDIA", versions: [ { status: "affected", version: "All Jetson Linux versions prior to r32.6.1", }, ], }, ], descriptions: [ { lang: "en", value: "NVIDIA Linux kernel distributions contain a vulnerability in the kernel crypto node, where use after free may lead to complete denial of service.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "Use After Free", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-08-24T15:57:12", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5216", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@nvidia.com", ID: "CVE-2021-1114", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX", version: { version_data: [ { version_value: "All Jetson Linux versions prior to r32.6.1", }, ], }, }, ], }, vendor_name: "NVIDIA", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "NVIDIA Linux kernel distributions contain a vulnerability in the kernel crypto node, where use after free may lead to complete denial of service.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Use After Free", }, ], }, ], }, references: { reference_data: [ { name: "https://nvidia.custhelp.com/app/answers/detail/a_id/5216", refsource: "CONFIRM", url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5216", }, ], }, source: { discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2021-1114", datePublished: "2021-08-11T21:33:07", dateReserved: "2020-11-12T00:00:00", dateUpdated: "2024-08-03T15:55:18.530Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-1106
Vulnerability from cvelistv5
Published
2021-08-11 21:32
Modified
2024-08-03 15:55
Severity ?
EPSS score ?
Summary
NVIDIA Linux kernel distributions contain a vulnerability in nvmap, where writes may be allowed to read-only buffers, which may result in escalation of privileges, complete denial of service, unconstrained information disclosure, and serious data tampering of all processes on the system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5216 | x_refsource_MISC | |
| https://nvidia.custhelp.com/app/answers/detail/a_id/5259 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | NVIDIA | Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson Nano, Jetson Nano 2GB, Jetson TX1 |
Version: All Jetson Linux versions prior to r32.6.1 |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:55:18.558Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5216", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5259", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson Nano, Jetson Nano 2GB, Jetson TX1", vendor: "NVIDIA", versions: [ { status: "affected", version: "All Jetson Linux versions prior to r32.6.1", }, ], }, { product: "Shield TV", vendor: "NVIDIA", versions: [ { status: "affected", version: "All versions prior to SE 9.0", }, ], }, ], descriptions: [ { lang: "en", value: "NVIDIA Linux kernel distributions contain a vulnerability in nvmap, where writes may be allowed to read-only buffers, which may result in escalation of privileges, complete denial of service, unconstrained information disclosure, and serious data tampering of all processes on the system.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "escalation of privileges, denial of service, information disclosure, and data tampering", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-01-19T16:56:07", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5216", }, { tags: [ "x_refsource_MISC", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5259", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@nvidia.com", ID: "CVE-2021-1106", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson Nano, Jetson Nano 2GB, Jetson TX1", version: { version_data: [ { version_value: "All Jetson Linux versions prior to r32.6.1", }, ], }, }, { product_name: "Shield TV", version: { version_data: [ { version_value: "All versions prior to SE 9.0", }, ], }, }, ], }, vendor_name: "NVIDIA", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "NVIDIA Linux kernel distributions contain a vulnerability in nvmap, where writes may be allowed to read-only buffers, which may result in escalation of privileges, complete denial of service, unconstrained information disclosure, and serious data tampering of all processes on the system.", }, ], }, impact: { cvss: { baseScore: 7.8, baseSeverity: "High", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "escalation of privileges, denial of service, information disclosure, and data tampering", }, ], }, ], }, references: { reference_data: [ { name: "https://nvidia.custhelp.com/app/answers/detail/a_id/5216", refsource: "MISC", url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5216", }, { name: "https://nvidia.custhelp.com/app/answers/detail/a_id/5259", refsource: "MISC", url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5259", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2021-1106", datePublished: "2021-08-11T21:32:58", dateReserved: "2020-11-12T00:00:00", dateUpdated: "2024-08-03T15:55:18.558Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-34388
Vulnerability from cvelistv5
Published
2021-06-21 21:35
Modified
2024-08-04 00:12
Severity ?
EPSS score ?
Summary
Bootloader contains a vulnerability in NVIDIA TegraBoot where a potential heap overflow might allow an attacker to control all the RAM after the heap block, leading to denial of service or code execution.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5205 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | NVIDIA Jetson TX1, TX2 series, TX2 NX, AGX Xavier series, Xavier NX, Nano and Nano 2GB |
Version: All Jetson Linux versions prior to r32.5.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T00:12:49.987Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "NVIDIA Jetson TX1, TX2 series, TX2 NX, AGX Xavier series, Xavier NX, Nano and Nano 2GB", vendor: "NVIDIA", versions: [ { status: "affected", version: "All Jetson Linux versions prior to r32.5.1", }, ], }, ], descriptions: [ { lang: "en", value: "Bootloader contains a vulnerability in NVIDIA TegraBoot where a potential heap overflow might allow an attacker to control all the RAM after the heap block, leading to denial of service or code execution.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "code execution, denial of service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-06-30T10:14:55", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@nvidia.com", ID: "CVE-2021-34388", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "NVIDIA Jetson TX1, TX2 series, TX2 NX, AGX Xavier series, Xavier NX, Nano and Nano 2GB", version: { version_data: [ { version_value: "All Jetson Linux versions prior to r32.5.1", }, ], }, }, ], }, vendor_name: "NVIDIA", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Bootloader contains a vulnerability in NVIDIA TegraBoot where a potential heap overflow might allow an attacker to control all the RAM after the heap block, leading to denial of service or code execution.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "code execution, denial of service", }, ], }, ], }, references: { reference_data: [ { name: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", refsource: "CONFIRM", url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], }, source: { discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2021-34388", datePublished: "2021-06-21T21:35:17", dateReserved: "2021-06-09T00:00:00", dateUpdated: "2024-08-04T00:12:49.987Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-1105
Vulnerability from cvelistv5
Published
2021-11-20 14:55
Modified
2024-08-03 15:55
Severity ?
EPSS score ?
Summary
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to access debug registers during runtime, which may lead to information disclosure.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5263 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | NVIDIA GPU and Tegra hardware |
Version: Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:55:18.491Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5263", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "NVIDIA GPU and Tegra hardware", vendor: "NVIDIA", versions: [ { status: "affected", version: "Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier", }, ], }, ], descriptions: [ { lang: "en", value: "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to access debug registers during runtime, which may lead to information disclosure.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.1, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "CWE 1313: Hardware Allows Activation of Test or Debug Logic at Runtime", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-11-20T14:55:18", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5263", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@nvidia.com", ID: "CVE-2021-1105", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "NVIDIA GPU and Tegra hardware", version: { version_data: [ { version_value: "Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier", }, ], }, }, ], }, vendor_name: "NVIDIA", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to access debug registers during runtime, which may lead to information disclosure.", }, ], }, impact: { cvss: { baseScore: 4.1, baseSeverity: "Medium", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE 1313: Hardware Allows Activation of Test or Debug Logic at Runtime", }, ], }, ], }, references: { reference_data: [ { name: "https://nvidia.custhelp.com/app/answers/detail/a_id/5263", refsource: "CONFIRM", url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5263", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2021-1105", datePublished: "2021-11-20T14:55:19", dateReserved: "2020-11-12T00:00:00", dateUpdated: "2024-08-03T15:55:18.491Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-34375
Vulnerability from cvelistv5
Published
2021-06-30 10:24
Modified
2024-08-04 00:12
Severity ?
EPSS score ?
Summary
Trusty contains a vulnerability in all trusted applications (TAs) where the stack cookie was not randomized, which might result in stack-based buffer overflow, leading to denial of service, escalation of privileges, and information disclosure.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5205 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX |
Version: All Jetson Linux versions prior to r32.5.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T00:12:49.957Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX", vendor: "NVIDIA", versions: [ { status: "affected", version: "All Jetson Linux versions prior to r32.5.1", }, ], }, ], descriptions: [ { lang: "en", value: "Trusty contains a vulnerability in all trusted applications (TAs) where the stack cookie was not randomized, which might result in stack-based buffer overflow, leading to denial of service, escalation of privileges, and information disclosure.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "information disclosure, escalation of privileges, denial of service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-06-30T10:24:29", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@nvidia.com", ID: "CVE-2021-34375", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX", version: { version_data: [ { version_value: "All Jetson Linux versions prior to r32.5.1", }, ], }, }, ], }, vendor_name: "NVIDIA", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Trusty contains a vulnerability in all trusted applications (TAs) where the stack cookie was not randomized, which might result in stack-based buffer overflow, leading to denial of service, escalation of privileges, and information disclosure.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "information disclosure, escalation of privileges, denial of service", }, ], }, ], }, references: { reference_data: [ { name: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", refsource: "CONFIRM", url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], }, source: { discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2021-34375", datePublished: "2021-06-30T10:24:29", dateReserved: "2021-06-09T00:00:00", dateUpdated: "2024-08-04T00:12:49.957Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-1107
Vulnerability from cvelistv5
Published
2021-08-11 21:33
Modified
2024-08-03 15:55
Severity ?
EPSS score ?
Summary
NVIDIA Linux kernel distributions contain a vulnerability in nvmap NVMAP_IOC_WRITE* paths, where improper access controls may lead to code execution, complete denial of service, and seriously compromised integrity of all system components.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5216 | x_refsource_MISC | |
| https://nvidia.custhelp.com/app/answers/detail/a_id/5259 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | NVIDIA | Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson Nano, Jetson Nano 2GB, Jetson TX1 |
Version: All Jetson Linux versions prior to r32.6.1 |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:55:18.683Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5216", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5259", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson Nano, Jetson Nano 2GB, Jetson TX1", vendor: "NVIDIA", versions: [ { status: "affected", version: "All Jetson Linux versions prior to r32.6.1", }, ], }, { product: "Shield TV", vendor: "NVIDIA", versions: [ { status: "affected", version: "All Shield TV versions prior to SE 9.0", }, ], }, ], descriptions: [ { lang: "en", value: "NVIDIA Linux kernel distributions contain a vulnerability in nvmap NVMAP_IOC_WRITE* paths, where improper access controls may lead to code execution, complete denial of service, and seriously compromised integrity of all system components.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "code execution, denial of service, loss of integrity", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-01-19T16:56:10", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5216", }, { tags: [ "x_refsource_MISC", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5259", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@nvidia.com", ID: "CVE-2021-1107", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson Nano, Jetson Nano 2GB, Jetson TX1", version: { version_data: [ { version_value: "All Jetson Linux versions prior to r32.6.1", }, ], }, }, { product_name: "Shield TV", version: { version_data: [ { version_value: "All Shield TV versions prior to SE 9.0", }, ], }, }, ], }, vendor_name: "NVIDIA", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "NVIDIA Linux kernel distributions contain a vulnerability in nvmap NVMAP_IOC_WRITE* paths, where improper access controls may lead to code execution, complete denial of service, and seriously compromised integrity of all system components.", }, ], }, impact: { cvss: { baseScore: 7.8, baseSeverity: "High", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "code execution, denial of service, loss of integrity", }, ], }, ], }, references: { reference_data: [ { name: "https://nvidia.custhelp.com/app/answers/detail/a_id/5216", refsource: "MISC", url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5216", }, { name: "https://nvidia.custhelp.com/app/answers/detail/a_id/5259", refsource: "MISC", url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5259", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2021-1107", datePublished: "2021-08-11T21:33:00", dateReserved: "2020-11-12T00:00:00", dateUpdated: "2024-08-03T15:55:18.683Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-34399
Vulnerability from cvelistv5
Published
2021-11-20 14:55
Modified
2024-08-04 00:12
Severity ?
EPSS score ?
Summary
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to gain access to information from unscrubbed registers, which may lead to information disclosure.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5263 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | NVIDIA GPU and Tegra hardware |
Version: Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T00:12:49.877Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5263", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "NVIDIA GPU and Tegra hardware", vendor: "NVIDIA", versions: [ { status: "affected", version: "Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier", }, ], }, ], descriptions: [ { lang: "en", value: "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to gain access to information from unscrubbed registers, which may lead to information disclosure.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.1, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "CWE 226: Sensitive Information in Resource Not Removed Before Reuse", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-11-20T14:55:25", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5263", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@nvidia.com", ID: "CVE-2021-34399", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "NVIDIA GPU and Tegra hardware", version: { version_data: [ { version_value: "Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier", }, ], }, }, ], }, vendor_name: "NVIDIA", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to gain access to information from unscrubbed registers, which may lead to information disclosure.", }, ], }, impact: { cvss: { baseScore: 4.1, baseSeverity: "Medium", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE 226: Sensitive Information in Resource Not Removed Before Reuse", }, ], }, ], }, references: { reference_data: [ { name: "https://nvidia.custhelp.com/app/answers/detail/a_id/5263", refsource: "CONFIRM", url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5263", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2021-34399", datePublished: "2021-11-20T14:55:25", dateReserved: "2021-06-09T00:00:00", dateUpdated: "2024-08-04T00:12:49.877Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-34384
Vulnerability from cvelistv5
Published
2021-06-30 10:24
Modified
2024-08-04 00:12
Severity ?
EPSS score ?
Summary
Bootloader contains a vulnerability in NVIDIA MB2 where a potential heap overflow could cause memory corruption, which might lead to denial of service or code execution.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5205 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX |
Version: All Jetson Linux versions prior to r32.5.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T00:12:49.913Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX", vendor: "NVIDIA", versions: [ { status: "affected", version: "All Jetson Linux versions prior to r32.5.1", }, ], }, ], descriptions: [ { lang: "en", value: "Bootloader contains a vulnerability in NVIDIA MB2 where a potential heap overflow could cause memory corruption, which might lead to denial of service or code execution.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "information disclosure, escalation of privileges, denial of service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-06-30T10:24:37", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@nvidia.com", ID: "CVE-2021-34384", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX", version: { version_data: [ { version_value: "All Jetson Linux versions prior to r32.5.1", }, ], }, }, ], }, vendor_name: "NVIDIA", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Bootloader contains a vulnerability in NVIDIA MB2 where a potential heap overflow could cause memory corruption, which might lead to denial of service or code execution.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "information disclosure, escalation of privileges, denial of service", }, ], }, ], }, references: { reference_data: [ { name: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", refsource: "CONFIRM", url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], }, source: { discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2021-34384", datePublished: "2021-06-30T10:24:37", dateReserved: "2021-06-09T00:00:00", dateUpdated: "2024-08-04T00:12:49.913Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-34378
Vulnerability from cvelistv5
Published
2021-06-30 10:24
Modified
2024-08-04 00:12
Severity ?
EPSS score ?
Summary
Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 11 is missing. Improper restriction of operations within the bounds of a memory buffer might lead to information disclosure, denial of service, or escalation of privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5205 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX |
Version: All Jetson Linux versions prior to r32.5.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T00:12:50.370Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX", vendor: "NVIDIA", versions: [ { status: "affected", version: "All Jetson Linux versions prior to r32.5.1", }, ], }, ], descriptions: [ { lang: "en", value: "Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 11 is missing. Improper restriction of operations within the bounds of a memory buffer might lead to information disclosure, denial of service, or escalation of privileges.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "information disclosure, escalation of privileges, denial of service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-06-30T10:24:32", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@nvidia.com", ID: "CVE-2021-34378", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX", version: { version_data: [ { version_value: "All Jetson Linux versions prior to r32.5.1", }, ], }, }, ], }, vendor_name: "NVIDIA", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 11 is missing. Improper restriction of operations within the bounds of a memory buffer might lead to information disclosure, denial of service, or escalation of privileges.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "information disclosure, escalation of privileges, denial of service", }, ], }, ], }, references: { reference_data: [ { name: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", refsource: "CONFIRM", url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], }, source: { discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2021-34378", datePublished: "2021-06-30T10:24:32", dateReserved: "2021-06-09T00:00:00", dateUpdated: "2024-08-04T00:12:50.370Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-25520
Vulnerability from cvelistv5
Published
2023-06-23 17:23
Modified
2024-11-07 19:07
Severity ?
EPSS score ?
Summary
NVIDIA Jetson Linux Driver Package contains a vulnerability in nvbootctrl, where a privileged local attacker can configure invalid settings, resulting in denial of service.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX |
Version: All versions prior to 32.7.4 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T11:25:18.628Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5466", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-25520", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-07T19:06:32.753683Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-07T19:07:37.748Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX", vendor: "NVIDIA", versions: [ { status: "affected", version: "All versions prior to 32.7.4", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "\n\n<span style=\"background-color: rgb(255, 255, 255);\">NVIDIA Jetson Linux Driver Package contains a vulnerability in </span><code>nvbootctrl</code><span style=\"background-color: rgb(255, 255, 255);\">, where a privileged local attacker can configure invalid settings, resulting in denial of service.</span>\n\n", }, ], value: "\nNVIDIA Jetson Linux Driver Package contains a vulnerability in nvbootctrl, where a privileged local attacker can configure invalid settings, resulting in denial of service.\n\n", }, ], impacts: [ { descriptions: [ { lang: "en", value: "Denial of service", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20 Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-06-23T17:23:21.837Z", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5466", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2023-25520", datePublished: "2023-06-23T17:23:21.837Z", dateReserved: "2023-02-07T02:57:17.086Z", dateUpdated: "2024-11-07T19:07:37.748Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-34389
Vulnerability from cvelistv5
Published
2021-06-21 21:35
Modified
2024-08-04 00:12
Severity ?
EPSS score ?
Summary
Trusty contains a vulnerability in NVIDIA OTE protocol message parsing code, which is present in all the TAs. An incorrect bounds check can allow a local user through a malicious client to access memory from the heap in the TrustZone, which may lead to information disclosure.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5205 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | NVIDIA Jetson, TX2 series, TX2 NX, AGX Xavier series, Xavier NX |
Version: All Jetson Linux versions prior to r32.5.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T00:12:50.025Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "NVIDIA Jetson, TX2 series, TX2 NX, AGX Xavier series, Xavier NX", vendor: "NVIDIA", versions: [ { status: "affected", version: "All Jetson Linux versions prior to r32.5.1", }, ], }, ], descriptions: [ { lang: "en", value: "Trusty contains a vulnerability in NVIDIA OTE protocol message parsing code, which is present in all the TAs. An incorrect bounds check can allow a local user through a malicious client to access memory from the heap in the TrustZone, which may lead to information disclosure.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "information disclosure", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-07-16T22:50:44", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@nvidia.com", ID: "CVE-2021-34389", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "NVIDIA Jetson, TX2 series, TX2 NX, AGX Xavier series, Xavier NX", version: { version_data: [ { version_value: "All Jetson Linux versions prior to r32.5.1", }, ], }, }, ], }, vendor_name: "NVIDIA", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Trusty contains a vulnerability in NVIDIA OTE protocol message parsing code, which is present in all the TAs. An incorrect bounds check can allow a local user through a malicious client to access memory from the heap in the TrustZone, which may lead to information disclosure.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "information disclosure", }, ], }, ], }, references: { reference_data: [ { name: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", refsource: "CONFIRM", url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], }, source: { discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2021-34389", datePublished: "2021-06-21T21:35:19", dateReserved: "2021-06-09T00:00:00", dateUpdated: "2024-08-04T00:12:50.025Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-34372
Vulnerability from cvelistv5
Published
2021-06-22 21:25
Modified
2024-08-04 00:12
Severity ?
EPSS score ?
Summary
Trusty (the trusted OS produced by NVIDIA for Jetson devices) driver contains a vulnerability in the NVIDIA OTE protocol message parsing code where an integer overflow in a malloc() size calculation leads to a buffer overflow on the heap, which might result in information disclosure, escalation of privileges, and denial of service.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5205 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | NVIDIA Jetson TX2 series, TX2 NX, AGX Xavier series, Xavier NX |
Version: All Jetson Linux versions prior to r32.5.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T00:12:49.639Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "NVIDIA Jetson TX2 series, TX2 NX, AGX Xavier series, Xavier NX", vendor: "NVIDIA", versions: [ { status: "affected", version: "All Jetson Linux versions prior to r32.5.1", }, ], }, ], descriptions: [ { lang: "en", value: "Trusty (the trusted OS produced by NVIDIA for Jetson devices) driver contains a vulnerability in the NVIDIA OTE protocol message parsing code where an integer overflow in a malloc() size calculation leads to a buffer overflow on the heap, which might result in information disclosure, escalation of privileges, and denial of service.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "information disclosure, escalation of privileges, denial of service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-06-22T21:25:21", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@nvidia.com", ID: "CVE-2021-34372", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "NVIDIA Jetson TX2 series, TX2 NX, AGX Xavier series, Xavier NX", version: { version_data: [ { version_value: "All Jetson Linux versions prior to r32.5.1", }, ], }, }, ], }, vendor_name: "NVIDIA", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Trusty (the trusted OS produced by NVIDIA for Jetson devices) driver contains a vulnerability in the NVIDIA OTE protocol message parsing code where an integer overflow in a malloc() size calculation leads to a buffer overflow on the heap, which might result in information disclosure, escalation of privileges, and denial of service.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "information disclosure, escalation of privileges, denial of service", }, ], }, ], }, references: { reference_data: [ { name: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", refsource: "CONFIRM", url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], }, source: { discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2021-34372", datePublished: "2021-06-22T21:25:21", dateReserved: "2021-06-09T00:00:00", dateUpdated: "2024-08-04T00:12:49.639Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-1125
Vulnerability from cvelistv5
Published
2021-11-20 14:55
Modified
2024-08-03 15:55
Severity ?
EPSS score ?
Summary
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to corrupt program data.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5263 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | NVIDIA GPU and Tegra hardware |
Version: Maxwell, Pascal, Volta, Tegra X1, Tegra X1+, Tegra TX2, Xavier |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:55:18.660Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5263", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "NVIDIA GPU and Tegra hardware", vendor: "NVIDIA", versions: [ { status: "affected", version: "Maxwell, Pascal, Volta, Tegra X1, Tegra X1+, Tegra TX2, Xavier", }, ], }, ], descriptions: [ { lang: "en", value: "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to corrupt program data.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.1, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "CWE 325: Missing Cryptographic Step", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-11-20T14:55:20", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5263", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@nvidia.com", ID: "CVE-2021-1125", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "NVIDIA GPU and Tegra hardware", version: { version_data: [ { version_value: "Maxwell, Pascal, Volta, Tegra X1, Tegra X1+, Tegra TX2, Xavier", }, ], }, }, ], }, vendor_name: "NVIDIA", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to corrupt program data.", }, ], }, impact: { cvss: { baseScore: 4.1, baseSeverity: "Medium", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE 325: Missing Cryptographic Step", }, ], }, ], }, references: { reference_data: [ { name: "https://nvidia.custhelp.com/app/answers/detail/a_id/5263", refsource: "CONFIRM", url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5263", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2021-1125", datePublished: "2021-11-20T14:55:20", dateReserved: "2020-11-12T00:00:00", dateUpdated: "2024-08-03T15:55:18.660Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-34374
Vulnerability from cvelistv5
Published
2021-06-30 10:24
Modified
2024-08-04 00:12
Severity ?
EPSS score ?
Summary
Trusty contains a vulnerability in command handlers where the length of input buffers is not verified. This vulnerability can cause memory corruption, which may lead to information disclosure, escalation of privileges, and denial of service.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5205 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX |
Version: All Jetson Linux versions prior to r32.5.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T00:12:48.697Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX", vendor: "NVIDIA", versions: [ { status: "affected", version: "All Jetson Linux versions prior to r32.5.1", }, ], }, ], descriptions: [ { lang: "en", value: "Trusty contains a vulnerability in command handlers where the length of input buffers is not verified. This vulnerability can cause memory corruption, which may lead to information disclosure, escalation of privileges, and denial of service.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "information disclosure, escalation of privileges, denial of service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-06-30T10:24:28", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@nvidia.com", ID: "CVE-2021-34374", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX", version: { version_data: [ { version_value: "All Jetson Linux versions prior to r32.5.1", }, ], }, }, ], }, vendor_name: "NVIDIA", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Trusty contains a vulnerability in command handlers where the length of input buffers is not verified. This vulnerability can cause memory corruption, which may lead to information disclosure, escalation of privileges, and denial of service.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "information disclosure, escalation of privileges, denial of service", }, ], }, ], }, references: { reference_data: [ { name: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", refsource: "CONFIRM", url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], }, source: { discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2021-34374", datePublished: "2021-06-30T10:24:28", dateReserved: "2021-06-09T00:00:00", dateUpdated: "2024-08-04T00:12:48.697Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-34393
Vulnerability from cvelistv5
Published
2021-06-22 21:25
Modified
2024-08-04 00:12
Severity ?
EPSS score ?
Summary
Trusty contains a vulnerability in TSEC TA which deserializes the incoming messages even though the TSEC TA does not expose any command. This vulnerability might allow an attacker to exploit the deserializer to impact code execution, causing information disclosure.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5205 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | NVIDIA Jetson TX2 series, TX2 NX, AGX Xavier series, Xavier NX |
Version: All Jetson Linux versions prior to r32.5.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T00:12:50.021Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "NVIDIA Jetson TX2 series, TX2 NX, AGX Xavier series, Xavier NX", vendor: "NVIDIA", versions: [ { status: "affected", version: "All Jetson Linux versions prior to r32.5.1", }, ], }, ], descriptions: [ { lang: "en", value: "Trusty contains a vulnerability in TSEC TA which deserializes the incoming messages even though the TSEC TA does not expose any command. This vulnerability might allow an attacker to exploit the deserializer to impact code execution, causing information disclosure.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.2, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "information disclosure", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-06-22T21:25:27", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@nvidia.com", ID: "CVE-2021-34393", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "NVIDIA Jetson TX2 series, TX2 NX, AGX Xavier series, Xavier NX", version: { version_data: [ { version_value: "All Jetson Linux versions prior to r32.5.1", }, ], }, }, ], }, vendor_name: "NVIDIA", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Trusty contains a vulnerability in TSEC TA which deserializes the incoming messages even though the TSEC TA does not expose any command. This vulnerability might allow an attacker to exploit the deserializer to impact code execution, causing information disclosure.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.2, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "information disclosure", }, ], }, ], }, references: { reference_data: [ { name: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", refsource: "CONFIRM", url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], }, source: { discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2021-34393", datePublished: "2021-06-22T21:25:27", dateReserved: "2021-06-09T00:00:00", dateUpdated: "2024-08-04T00:12:50.021Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-0108
Vulnerability from cvelistv5
Published
2024-08-08 16:18
Modified
2024-08-09 15:48
Severity ?
EPSS score ?
Summary
NVIDIA Jetson Linux contains a vulnerability in NvGPU where error handling paths in GPU MMU mapping code fail to clean up a failed mapping attempt. A successful exploit of this vulnerability may lead to denial of service, code execution, and escalation of privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson TX1, Jetson Nano series |
Version: All versions prior to and including 32.7.4 |
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:nvidia:jetson_agx_xavier:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "jetson_agx_xavier", vendor: "nvidia", versions: [ { lessThanOrEqual: "32.7.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "jetson_xavier_nx", vendor: "nvidia", versions: [ { lessThanOrEqual: "32.7.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "jetson_tx2", vendor: "nvidia", versions: [ { lessThanOrEqual: "32.7.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "jetson_tx2_nx", vendor: "nvidia", versions: [ { lessThanOrEqual: "32.7.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "jetson_tx1", vendor: "nvidia", versions: [ { lessThanOrEqual: "32.7.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:h:nvidia:jetson_nano:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "jetson_nano", vendor: "nvidia", versions: [ { lessThanOrEqual: "32.7.4", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-0108", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-08-09T15:37:53.668854Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-08-09T15:48:50.071Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", platforms: [ "Jetson Linux", ], product: "NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson TX1, Jetson Nano series", vendor: "NVIDIA", versions: [ { status: "affected", version: "All versions prior to and including 32.7.4", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">NVIDIA Jetson Linux contains a vulnerability in NvGPU where error handling paths in GPU MMU mapping code fail to clean up a failed mapping attempt. A successful exploit of this vulnerability may lead to denial of service, code execution, and escalation of privileges.</span>", }, ], value: "NVIDIA Jetson Linux contains a vulnerability in NvGPU where error handling paths in GPU MMU mapping code fail to clean up a failed mapping attempt. A successful exploit of this vulnerability may lead to denial of service, code execution, and escalation of privileges.", }, ], impacts: [ { descriptions: [ { lang: "en", value: "Denial of service, code execution, escalation of privileges", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 8.7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-755", description: "CWE-755 Improper Handling of Exceptional Conditions", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-08T16:18:27.914Z", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5555", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2024-0108", datePublished: "2024-08-08T16:18:27.914Z", dateReserved: "2023-12-02T00:42:18.437Z", dateUpdated: "2024-08-09T15:48:50.071Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-34379
Vulnerability from cvelistv5
Published
2021-06-30 10:24
Modified
2024-08-04 00:12
Severity ?
EPSS score ?
Summary
Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 10 is missing. The length of an I/O buffer parameter is not checked, which might lead to memory corruption.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5205 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX |
Version: All Jetson Linux versions prior to r32.5.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T00:12:50.243Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX", vendor: "NVIDIA", versions: [ { status: "affected", version: "All Jetson Linux versions prior to r32.5.1", }, ], }, ], descriptions: [ { lang: "en", value: "Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 10 is missing. The length of an I/O buffer parameter is not checked, which might lead to memory corruption.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "information disclosure, escalation of privileges, denial of service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-06-30T10:24:33", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@nvidia.com", ID: "CVE-2021-34379", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX", version: { version_data: [ { version_value: "All Jetson Linux versions prior to r32.5.1", }, ], }, }, ], }, vendor_name: "NVIDIA", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 10 is missing. The length of an I/O buffer parameter is not checked, which might lead to memory corruption.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "information disclosure, escalation of privileges, denial of service", }, ], }, ], }, references: { reference_data: [ { name: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", refsource: "CONFIRM", url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], }, source: { discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2021-34379", datePublished: "2021-06-30T10:24:33", dateReserved: "2021-06-09T00:00:00", dateUpdated: "2024-08-04T00:12:50.243Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-42269
Vulnerability from cvelistv5
Published
2022-12-30 00:00
Modified
2024-08-03 13:03
Severity ?
EPSS score ?
Summary
NVIDIA Trusted OS contains a vulnerability in an SMC call handler, where failure to validate untrusted input may allow a highly privileged local attacker to cause information disclosure and compromise integrity. The scope of the impact can extend to other components.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX1, Jetson TX2 series, Jetson TX2 NX |
Version: All versions prior to 32.7.2 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:03:45.939Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5417", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX1, Jetson TX2 series, Jetson TX2 NX", vendor: "NVIDIA", versions: [ { status: "affected", version: "All versions prior to 32.7.2", }, ], }, ], descriptions: [ { lang: "en", value: "NVIDIA Trusted OS contains a vulnerability in an SMC call handler, where failure to validate untrusted input may allow a highly privileged local attacker to cause information disclosure and compromise integrity. The scope of the impact can extend to other components.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 7.9, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-30T00:00:00", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5417", }, ], }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2022-42269", datePublished: "2022-12-30T00:00:00", dateReserved: "2022-10-03T00:00:00", dateUpdated: "2024-08-03T13:03:45.939Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-34400
Vulnerability from cvelistv5
Published
2021-11-20 14:55
Modified
2024-08-04 00:12
Severity ?
EPSS score ?
Summary
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to gain access to information from unscrubbed memory, which may lead to information disclosure.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5263 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | NVIDIA GPU and Tegra hardware |
Version: Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T00:12:49.808Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5263", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "NVIDIA GPU and Tegra hardware", vendor: "NVIDIA", versions: [ { status: "affected", version: "Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier", }, ], }, ], descriptions: [ { lang: "en", value: "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to gain access to information from unscrubbed memory, which may lead to information disclosure.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.1, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "CWE 226: Sensitive Information in Resource Not Removed Before Reuse", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-11-20T14:55:27", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5263", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@nvidia.com", ID: "CVE-2021-34400", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "NVIDIA GPU and Tegra hardware", version: { version_data: [ { version_value: "Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier", }, ], }, }, ], }, vendor_name: "NVIDIA", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to gain access to information from unscrubbed memory, which may lead to information disclosure.", }, ], }, impact: { cvss: { baseScore: 4.1, baseSeverity: "Medium", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE 226: Sensitive Information in Resource Not Removed Before Reuse", }, ], }, ], }, references: { reference_data: [ { name: "https://nvidia.custhelp.com/app/answers/detail/a_id/5263", refsource: "CONFIRM", url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5263", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2021-34400", datePublished: "2021-11-20T14:55:27", dateReserved: "2021-06-09T00:00:00", dateUpdated: "2024-08-04T00:12:49.808Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-34383
Vulnerability from cvelistv5
Published
2021-06-30 10:24
Modified
2024-08-04 00:12
Severity ?
EPSS score ?
Summary
Bootloader contains a vulnerability in NVIDIA MB2 where a potential heap overflow might lead to denial of service or escalation of privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5205 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX |
Version: All Jetson Linux versions prior to r32.5.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T00:12:49.628Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX", vendor: "NVIDIA", versions: [ { status: "affected", version: "All Jetson Linux versions prior to r32.5.1", }, ], }, ], descriptions: [ { lang: "en", value: "Bootloader contains a vulnerability in NVIDIA MB2 where a potential heap overflow might lead to denial of service or escalation of privileges.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "information disclosure, escalation of privileges, denial of service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-06-30T10:24:36", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@nvidia.com", ID: "CVE-2021-34383", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX", version: { version_data: [ { version_value: "All Jetson Linux versions prior to r32.5.1", }, ], }, }, ], }, vendor_name: "NVIDIA", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Bootloader contains a vulnerability in NVIDIA MB2 where a potential heap overflow might lead to denial of service or escalation of privileges.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "information disclosure, escalation of privileges, denial of service", }, ], }, ], }, references: { reference_data: [ { name: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", refsource: "CONFIRM", url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], }, source: { discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2021-34383", datePublished: "2021-06-30T10:24:36", dateReserved: "2021-06-09T00:00:00", dateUpdated: "2024-08-04T00:12:49.628Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-34376
Vulnerability from cvelistv5
Published
2021-06-30 10:24
Modified
2024-08-04 00:12
Severity ?
EPSS score ?
Summary
Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 5 is missing. Improper restriction of operations within the bounds of a memory buffer might lead to denial of service, escalation of privileges, and information disclosure.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5205 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX |
Version: All Jetson Linux versions prior to r32.5.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T00:12:49.998Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX", vendor: "NVIDIA", versions: [ { status: "affected", version: "All Jetson Linux versions prior to r32.5.1", }, ], }, ], descriptions: [ { lang: "en", value: "Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 5 is missing. Improper restriction of operations within the bounds of a memory buffer might lead to denial of service, escalation of privileges, and information disclosure.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "information disclosure, escalation of privileges, denial of service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-06-30T10:24:30", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@nvidia.com", ID: "CVE-2021-34376", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX", version: { version_data: [ { version_value: "All Jetson Linux versions prior to r32.5.1", }, ], }, }, ], }, vendor_name: "NVIDIA", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 5 is missing. Improper restriction of operations within the bounds of a memory buffer might lead to denial of service, escalation of privileges, and information disclosure.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "information disclosure, escalation of privileges, denial of service", }, ], }, ], }, references: { reference_data: [ { name: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", refsource: "CONFIRM", url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], }, source: { discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2021-34376", datePublished: "2021-06-30T10:24:30", dateReserved: "2021-06-09T00:00:00", dateUpdated: "2024-08-04T00:12:49.998Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-23219
Vulnerability from cvelistv5
Published
2021-11-20 14:55
Modified
2024-08-03 19:05
Severity ?
EPSS score ?
Summary
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller, which may allow a user with elevated privileges to access protected information by identifying, exploiting, and loading vulnerable microcode. Such an attack may lead to information disclosure.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5263 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | NVIDIA GPU and Tegra hardware |
Version: Maxwell (except GM206), Tegra X1, Tegra X1+ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T19:05:55.355Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5263", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "NVIDIA GPU and Tegra hardware", vendor: "NVIDIA", versions: [ { status: "affected", version: "Maxwell (except GM206), Tegra X1, Tegra X1+", }, ], }, ], descriptions: [ { lang: "en", value: "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller, which may allow a user with elevated privileges to access protected information by identifying, exploiting, and loading vulnerable microcode. Such an attack may lead to information disclosure.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.1, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "CWE 1190: DMA Device Enabled Too Early in Boot Phase", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-02-08T18:36:13", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5263", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@nvidia.com", ID: "CVE-2021-23219", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "NVIDIA GPU and Tegra hardware", version: { version_data: [ { version_value: "Maxwell (except GM206), Tegra X1, Tegra X1+", }, ], }, }, ], }, vendor_name: "NVIDIA", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller, which may allow a user with elevated privileges to access protected information by identifying, exploiting, and loading vulnerable microcode. Such an attack may lead to information disclosure.", }, ], }, impact: { cvss: { baseScore: 4.1, baseSeverity: "Medium", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE 1190: DMA Device Enabled Too Early in Boot Phase", }, ], }, ], }, references: { reference_data: [ { name: "https://nvidia.custhelp.com/app/answers/detail/a_id/5263", refsource: "CONFIRM", url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5263", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2021-23219", datePublished: "2021-11-20T14:55:24", dateReserved: "2021-02-09T00:00:00", dateUpdated: "2024-08-03T19:05:55.355Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-1108
Vulnerability from cvelistv5
Published
2021-08-11 21:33
Modified
2024-08-03 15:55
Severity ?
EPSS score ?
Summary
NVIDIA Linux kernel distributions contain a vulnerability in FuSa Capture (VI/ISP), where integer underflow due to lack of input validation may lead to complete denial of service, partial integrity, and serious confidentiality loss for all processes in the system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5216 | x_refsource_MISC | |
| https://nvidia.custhelp.com/app/answers/detail/a_id/5259 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | NVIDIA | Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson Nano, Jetson Nano 2GB, Jetson TX1 |
Version: All Jetson Linux versions prior to r32.6.1 |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:55:18.642Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5216", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5259", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson Nano, Jetson Nano 2GB, Jetson TX1", vendor: "NVIDIA", versions: [ { status: "affected", version: "All Jetson Linux versions prior to r32.6.1", }, ], }, { product: "Shield TV", vendor: "NVIDIA", versions: [ { status: "affected", version: "All Shield TV versions prior to SE 9.0", }, ], }, ], descriptions: [ { lang: "en", value: "NVIDIA Linux kernel distributions contain a vulnerability in FuSa Capture (VI/ISP), where integer underflow due to lack of input validation may lead to complete denial of service, partial integrity, and serious confidentiality loss for all processes in the system.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "denial of service, partial integrity, and confidentiality loss", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-01-19T16:56:12", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5216", }, { tags: [ "x_refsource_MISC", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5259", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@nvidia.com", ID: "CVE-2021-1108", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson Nano, Jetson Nano 2GB, Jetson TX1", version: { version_data: [ { version_value: "All Jetson Linux versions prior to r32.6.1", }, ], }, }, { product_name: "Shield TV", version: { version_data: [ { version_value: "All Shield TV versions prior to SE 9.0", }, ], }, }, ], }, vendor_name: "NVIDIA", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "NVIDIA Linux kernel distributions contain a vulnerability in FuSa Capture (VI/ISP), where integer underflow due to lack of input validation may lead to complete denial of service, partial integrity, and serious confidentiality loss for all processes in the system.", }, ], }, impact: { cvss: { baseScore: 7.3, baseSeverity: "High", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "denial of service, partial integrity, and confidentiality loss", }, ], }, ], }, references: { reference_data: [ { name: "https://nvidia.custhelp.com/app/answers/detail/a_id/5216", refsource: "MISC", url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5216", }, { name: "https://nvidia.custhelp.com/app/answers/detail/a_id/5259", refsource: "MISC", url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5259", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2021-1108", datePublished: "2021-08-11T21:33:01", dateReserved: "2020-11-12T00:00:00", dateUpdated: "2024-08-03T15:55:18.642Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-34380
Vulnerability from cvelistv5
Published
2021-06-30 10:24
Modified
2024-08-04 00:12
Severity ?
EPSS score ?
Summary
Bootloader contains a vulnerability in NVIDIA MB2 where potential heap overflow might cause corruption of the heap metadata, which might lead to arbitrary code execution, denial of service, and information disclosure during secure boot.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5205 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | NVIDIA Jetson TX1, TX2 series, TX2 NX, AGX Xavier series, Xavier NX, Nano and Nano 2GB |
Version: All Jetson Linux versions prior to r32.5.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T00:12:50.375Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "NVIDIA Jetson TX1, TX2 series, TX2 NX, AGX Xavier series, Xavier NX, Nano and Nano 2GB", vendor: "NVIDIA", versions: [ { status: "affected", version: "All Jetson Linux versions prior to r32.5.1", }, ], }, ], descriptions: [ { lang: "en", value: "Bootloader contains a vulnerability in NVIDIA MB2 where potential heap overflow might cause corruption of the heap metadata, which might lead to arbitrary code execution, denial of service, and information disclosure during secure boot.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "information disclosure, escalation of privileges, denial of service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-06-30T10:24:34", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@nvidia.com", ID: "CVE-2021-34380", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "NVIDIA Jetson TX1, TX2 series, TX2 NX, AGX Xavier series, Xavier NX, Nano and Nano 2GB", version: { version_data: [ { version_value: "All Jetson Linux versions prior to r32.5.1", }, ], }, }, ], }, vendor_name: "NVIDIA", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Bootloader contains a vulnerability in NVIDIA MB2 where potential heap overflow might cause corruption of the heap metadata, which might lead to arbitrary code execution, denial of service, and information disclosure during secure boot.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "information disclosure, escalation of privileges, denial of service", }, ], }, ], }, references: { reference_data: [ { name: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", refsource: "CONFIRM", url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", }, ], }, source: { discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2021-34380", datePublished: "2021-06-30T10:24:34", dateReserved: "2021-06-09T00:00:00", dateUpdated: "2024-08-04T00:12:50.375Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-1088
Vulnerability from cvelistv5
Published
2021-11-20 14:55
Modified
2024-08-03 15:55
Severity ?
EPSS score ?
Summary
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to utilize debug mechanisms with insufficient access control, which may lead to information disclosure.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5263 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NVIDIA | NVIDIA GPU and Tegra hardware |
Version: Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T15:55:18.682Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5263", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "NVIDIA GPU and Tegra hardware", vendor: "NVIDIA", versions: [ { status: "affected", version: "Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier", }, ], }, ], descriptions: [ { lang: "en", value: "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to utilize debug mechanisms with insufficient access control, which may lead to information disclosure.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.1, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "CWE 200: Exposure of Sensitive Information to an Unauthorized Actor", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-11-20T14:55:17", orgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", shortName: "nvidia", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5263", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@nvidia.com", ID: "CVE-2021-1088", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "NVIDIA GPU and Tegra hardware", version: { version_data: [ { version_value: "Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier", }, ], }, }, ], }, vendor_name: "NVIDIA", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to utilize debug mechanisms with insufficient access control, which may lead to information disclosure.", }, ], }, impact: { cvss: { baseScore: 4.1, baseSeverity: "Medium", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE 200: Exposure of Sensitive Information to an Unauthorized Actor", }, ], }, ], }, references: { reference_data: [ { name: "https://nvidia.custhelp.com/app/answers/detail/a_id/5263", refsource: "CONFIRM", url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5263", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "9576f279-3576-44b5-a4af-b9a8644b2de6", assignerShortName: "nvidia", cveId: "CVE-2021-1088", datePublished: "2021-11-20T14:55:17", dateReserved: "2020-11-12T00:00:00", dateUpdated: "2024-08-03T15:55:18.682Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }