First published: Tue Jan 26 2021(Updated: )
NVIDIA Jetson AGX Xavier Series, Jetson Xavier NX, TX1, TX2, Nano and Nano 2GB, L4T versions prior to 32.5, contains a vulnerability in the apply_binaries.sh script used to install NVIDIA components into the root file system image, in which improper access control is applied, which may lead to an unprivileged user being able to modify system device tree files, leading to denial of service.
Credit: psirt@nvidia.com
Affected Software | Affected Version | How to fix |
---|---|---|
Nvidia Linux For Tegra | <r32.5 | |
NVIDIA Jetson AGX Xavier | ||
Nvidia Jetson Nano | ||
Nvidia Jetson Nano 2gb | ||
NVIDIA Jetson TX1 | ||
NVIDIA Jetson TX2 | ||
Nvidia Jetson Xavier Nx |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-1070 is a vulnerability found in NVIDIA Jetson AGX Xavier Series, Jetson Xavier NX, TX1, TX2, Nano and Nano 2GB, L4T versions prior to 32.5.
The severity of CVE-2021-1070 is high, with a severity value of 7.1.
NVIDIA Jetson AGX Xavier Series, Jetson Xavier NX, TX1, TX2, Nano, and Nano 2GB L4T versions prior to 32.5 are affected by CVE-2021-1070.
CVE-2021-1070 is a vulnerability in the apply_binaries.sh script used to install NVIDIA components into the root file system image, which allows improper access control.
To fix CVE-2021-1070, update your NVIDIA Jetson AGX Xavier Series, Jetson Xavier NX, TX1, TX2, Nano, and Nano 2GB to L4T version 32.5 or later.