fkie_cve-2021-23217
Vulnerability from fkie_nvd
Published
2021-11-20 15:15
Modified
2024-11-21 05:51
Severity ?
7.5 (High) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
7.5 (High) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
7.5 (High) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Summary
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller, which may allow a user with elevated privileges to instantiate a DMA write operation only within a specific time window timed to corrupt code execution, which may impact confidentiality, integrity, or availability. The scope impact may extend to other components.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:geforce_gt_605:-:*:*:*:*:*:*:*", matchCriteriaId: "6A6FE1DB-4930-46B5-868D-4445EF312A33", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_610:-:*:*:*:*:*:*:*", matchCriteriaId: "B600A94B-877D-42BA-B4F7-360198F3ECF6", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_620:-:*:*:*:*:*:*:*", matchCriteriaId: "36438CBB-37FB-455B-AE50-D68726E092BD", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_625:-:*:*:*:*:*:*:*", matchCriteriaId: "EC98A0F7-89B0-4BE0-A6EE-58EA39781E53", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_630:-:*:*:*:*:*:*:*", matchCriteriaId: "0B8C2CAC-B37E-47AD-AF02-C6BF5952DF87", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_635:-:*:*:*:*:*:*:*", matchCriteriaId: "635D27CF-65F3-4166-867E-7FD25EEE5303", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_640:-:*:*:*:*:*:*:*", matchCriteriaId: "95DB79D1-C580-4A62-B177-7E47737147F9", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_705:-:*:*:*:*:*:*:*", matchCriteriaId: "0225FE8D-16A7-4400-94F2-CE857D2255C7", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_710:-:*:*:*:*:*:*:*", matchCriteriaId: "1B72BBAC-CEBD-4405-B1EC-7535794FF5EB", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_720:-:*:*:*:*:*:*:*", matchCriteriaId: "BCC9048C-F848-48AD-BD5D-59D36E684949", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_730:-:*:*:*:*:*:*:*", matchCriteriaId: "A2C9365F-B4A5-4EA2-917B-2F07457017EB", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gt_740:-:*:*:*:*:*:*:*", matchCriteriaId: "21FE9995-2F38-4257-9FE1-2495D05D1993", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_645:-:*:*:*:*:*:*:*", matchCriteriaId: "C519FF2F-0AE9-4290-8115-F60EB9B830C3", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_650:-:*:*:*:*:*:*:*", matchCriteriaId: "0D0E7C6F-C42F-40E1-9DF1-2ED17938DCC1", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_650_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "3A978D1E-BD96-4534-83FE-434F0157AB54", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_650_ti_boost:-:*:*:*:*:*:*:*", matchCriteriaId: "0FCD9648-DA33-4F4F-9AC7-7FB826205729", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_660:-:*:*:*:*:*:*:*", matchCriteriaId: "89B38FD5-B548-4BF7-8E35-37701320569C", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_660_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "7AD0960F-EBEF-4876-8DC6-7B42B799105F", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_670:-:*:*:*:*:*:*:*", matchCriteriaId: "4A4F5E65-0E6F-47FD-8E5B-D00D5F82D467", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_680:-:*:*:*:*:*:*:*", matchCriteriaId: "07F9F2F5-AE1B-4BE5-8D6B-D16967A208F2", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_690:-:*:*:*:*:*:*:*", matchCriteriaId: "8416729C-0339-4B1C-99AC-C132D45744C7", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_745:-:*:*:*:*:*:*:*", matchCriteriaId: "8E733A3A-347E-4147-89AE-9EEC9B4DB787", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_750:-:*:*:*:*:*:*:*", matchCriteriaId: "EDC42D37-5DDE-4545-A4B9-7701749C0982", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_750_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "7F2F1B32-CFEE-4417-843D-880302E4D6FF", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_760:-:*:*:*:*:*:*:*", matchCriteriaId: "B5176FD7-C3F6-4642-831C-1FE33D3E3B35", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_760_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "F61534DC-EA6D-42E8-9AE5-AE6420906318", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_770:-:*:*:*:*:*:*:*", matchCriteriaId: "530C2C04-A37D-442C-BB0E-BEA01864D73C", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_780:-:*:*:*:*:*:*:*", matchCriteriaId: "22A5378C-2395-4D23-BD06-0995C5637857", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_780_ti:-:*:*:*:*:*:*:*", matchCriteriaId: "D651C50E-63D1-4FC6-8EEA-095E17A1342A", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_950:-:*:*:*:*:*:*:*", matchCriteriaId: "52379F40-A0B8-404F-8187-26D085F3568A", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_960:-:*:*:*:*:*:*:*", matchCriteriaId: "29D0D308-1A59-4D8C-930C-2B480E718FB2", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_970:-:*:*:*:*:*:*:*", matchCriteriaId: "B957ED4F-2A0E-4E6E-AF06-CC09722A4008", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_980:-:*:*:*:*:*:*:*", matchCriteriaId: "280BE7CC-3E8C-4630-BDA3-CFC409C2E5A2", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:geforce_gtx_titan_x:-:*:*:*:*:*:*:*", matchCriteriaId: "5A7ED258-77DC-45FA-B6AE-B9310049ECDE", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:gtx_titan:-:*:*:*:*:*:*:*", matchCriteriaId: "114895F2-AE45-4A46-BCFF-FD7C2573D88B", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:gtx_titan_black:-:*:*:*:*:*:*:*", matchCriteriaId: "E4A83155-9EA1-4F67-803F-3F8F692C6729", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:gtx_titan_z:-:*:*:*:*:*:*:*", matchCriteriaId: "FED1874A-9E4B-4725-A130-6CA872D491CA", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_nano:-:*:*:*:*:*:*:*", matchCriteriaId: "2B2B041F-21A8-4F0B-BBAF-7CDD8B911547", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_nano:-:*:-:*:*:*:*:*", matchCriteriaId: "9244F123-8518-4D81-AD26-5695F27F413B", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_nano:-:*:developer_kit:*:*:*:*:*", matchCriteriaId: "80BF53A0-8FDF-4827-9C00-ED082C4A68C7", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*", matchCriteriaId: "86D1FDAD-C594-43D9-9BF6-F7461177AB91", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*", matchCriteriaId: "3896B47E-8787-45D2-96B3-BF4892780F35", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m1200:-:*:*:*:*:*:*:*", matchCriteriaId: "A1E9293F-C51A-40B0-9461-83A31366C8C5", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*", matchCriteriaId: "316C9573-7C7D-4429-8563-B74FD752AC51", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*", matchCriteriaId: "6FEC13EF-BB2F-4ED2-BC8B-8234ABAEEE02", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m2200:-:*:*:*:*:*:*:*", matchCriteriaId: "E607C924-1682-4348-B6BF-31912E3A3D13", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*", matchCriteriaId: "B5E13B65-F61B-44D4-B1D7-1E96D9CB45BD", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*", matchCriteriaId: "76ABA317-6621-4D57-874F-307451EC9C2E", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*", matchCriteriaId: "477D72B5-A3EA-440A-B495-8A09E8564E8D", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*", matchCriteriaId: "F2B507EE-F005-4806-A8FC-8C8D9A31B0DB", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*", matchCriteriaId: "DAD67DC6-AA36-4F93-B8DB-77EB8C153BCA", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*", matchCriteriaId: "E707A80B-6482-47DD-8BF3-6E58BC2C697A", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m520:-:*:*:*:*:*:*:*", matchCriteriaId: "2F5E94B4-0DF1-4F79-87A0-C90A6131091B", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*", matchCriteriaId: "0E8D2AC7-DC75-4BBA-BF4E-58BF88B49B11", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*", matchCriteriaId: "ED233BC3-6982-41E1-9205-5159C17A4A56", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*", matchCriteriaId: "7C186F38-89C7-4616-A424-201804F842C9", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:quadro_m620:-:*:*:*:*:*:*:*", matchCriteriaId: "DB2D3A4D-0C03-402F-BB8A-2DE5AE14FDA5", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:shield_tv:-:*:*:*:*:*:*:*", matchCriteriaId: "49F85C44-6B7E-4B7C-AC8D-9D5727DFA0B8", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:shield_tv_pro:-:*:*:*:*:*:*:*", matchCriteriaId: "76300BC2-B496-4B4D-979B-6C56F590449A", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_m10:-:*:*:*:*:*:*:*", matchCriteriaId: "343850DA-E975-467A-99A2-852E24135DD2", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_m4:-:*:*:*:*:*:*:*", matchCriteriaId: "B8C459A6-EE1D-482F-BC23-866836870512", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_m40:-:*:*:*:*:*:*:*", matchCriteriaId: "A6DDBF7C-C346-4515-AD0D-922E7E2F09E8", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_m6:-:*:*:*:*:*:*:*", matchCriteriaId: "2E92C2C2-1CF7-4531-B431-D67BF6049635", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_m60:-:*:*:*:*:*:*:*", matchCriteriaId: "44B63168-6671-4D31-A984-B0A0F71CB799", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tesla_p100:-:*:*:*:*:*:*:*", matchCriteriaId: "6299665D-182A-4F2C-B451-1103B943CAE2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", matchCriteriaId: "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", vulnerable: false, }, { criteria: "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", matchCriteriaId: "A2572D17-1DE6-457B-99CC-64AFD54487EA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller, which may allow a user with elevated privileges to instantiate a DMA write operation only within a specific time window timed to corrupt code execution, which may impact confidentiality, integrity, or availability. The scope impact may extend to other components.", }, { lang: "es", value: "La GPU NVIDIA y el hardware Tegra contienen una vulnerabilidad en el microcontrolador interno, que puede permitir a un usuario con privilegios elevados instanciar una operación de escritura DMA sólo dentro de una ventana de tiempo específica programada para corromper la ejecución del código, lo que puede afectar a la confidencialidad, la integridad o la disponibilidad. El impacto del alcance puede extenderse a otros componentes", }, ], id: "CVE-2021-23217", lastModified: "2024-11-21T05:51:23.477", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 6.9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 6, source: "psirt@nvidia.com", type: "Secondary", }, { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-11-20T15:15:07.890", references: [ { source: "psirt@nvidia.com", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5263", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/5263", }, ], sourceIdentifier: "psirt@nvidia.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.