What is CVE-2021-34372?

CVE-2021-34372 is a vulnerability in the Trusty driver produced by NVIDIA for Jetson devices.

What is the severity of CVE-2021-34372?

CVE-2021-34372 has a severity score of 7.8 (high).

Which software is affected by CVE-2021-34372?

The NVIDIA Jetson Linux up to version 32.5.1 is affected by CVE-2021-34372.

How does CVE-2021-34372 affect the system?

CVE-2021-34372 can result in information disclosure and escalation of privilege.

How can I fix CVE-2021-34372?

To fix CVE-2021-34372, update to a version of NVIDIA Jetson Linux that is higher than 32.5.1.

Vulnerability/
CVE-2021-34372

high

8.2

CWE

190 119

22/6/2021

4/8/2024

CVE-2021-34372: Integer Overflow

First published: Tue Jun 22 2021(Updated: )

Trusty (the trusted OS produced by NVIDIA for Jetson devices) driver contains a vulnerability in the NVIDIA OTE protocol message parsing code where an integer overflow in a malloc() size calculation leads to a buffer overflow on the heap, which might result in information disclosure, escalation of privileges, and denial of service.

Credit: psirt@nvidia.com

Affected Software	Affected Version	How to fix
NVIDIA Jetson Linux	<32.5.1
Nvidia Jetson Agx Xavier 16gb
Nvidia Jetson Agx Xavier 32gb
Nvidia Jetson Agx Xavier 8gb
Nvidia Jetson Nano
Nvidia Jetson Nano
Nvidia Jetson Nano 2gb
NVIDIA Jetson TX1
NVIDIA Jetson TX2
Nvidia Jetson Tx2 4gb
Nvidia Jetson Tx2 Nx
Nvidia Jetson Tx2i
Nvidia Jetson Xavier Nx
Nvidia Jetson Xavier Nx

Never miss a vulnerability like this again

Reference Links

https://nvidia.custhelp.com/app/answers/detail/a_id/5205

Frequently Asked Questions

What is CVE-2021-34372?
CVE-2021-34372 is a vulnerability in the Trusty driver produced by NVIDIA for Jetson devices.
What is the severity of CVE-2021-34372?
CVE-2021-34372 has a severity score of 7.8 (high).
Which software is affected by CVE-2021-34372?
The NVIDIA Jetson Linux up to version 32.5.1 is affected by CVE-2021-34372.
How does CVE-2021-34372 affect the system?
CVE-2021-34372 can result in information disclosure and escalation of privilege.
How can I fix CVE-2021-34372?
To fix CVE-2021-34372, update to a version of NVIDIA Jetson Linux that is higher than 32.5.1.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.