What is CVE-2021-34372?

CVE-2021-34372 is a vulnerability in the Trusty driver produced by NVIDIA for Jetson devices.

What is the severity of CVE-2021-34372?

CVE-2021-34372 has a severity score of 7.8 (high).

Which software is affected by CVE-2021-34372?

The NVIDIA Jetson Linux up to version 32.5.1 is affected by CVE-2021-34372.

How does CVE-2021-34372 affect the system?

CVE-2021-34372 can result in information disclosure and escalation of privilege.

How can I fix CVE-2021-34372?

To fix CVE-2021-34372, update to a version of NVIDIA Jetson Linux that is higher than 32.5.1.

Vulnerability/
CVE-2021-34372

high

8.2

CWE

119 190

22/6/2021

4/8/2024

CVE-2021-34372: Buffer Overflow

First published: Tue Jun 22 2021(Updated: )

Trusty (the trusted OS produced by NVIDIA for Jetson devices) driver contains a vulnerability in the NVIDIA OTE protocol message parsing code where an integer overflow in a malloc() size calculation leads to a buffer overflow on the heap, which might result in information disclosure, escalation of privileges, and denial of service.

Credit: psirt@nvidia.com

Affected Software	Affected Version	How to fix
NVIDIA Linux for Tegra	<32.5.1
NVIDIA Jetson AGX Xavier 16GB
NVIDIA Jetson AGX Xavier 32GB
NVIDIA Jetson AGX Xavier 8GB
NVIDIA Jetson Nano
NVIDIA Jetson Nano
NVIDIA Jetson Nano 2GB
NVIDIA Jetson TX1 L4T
NVIDIA Jetson TX2 4GB
NVIDIA Jetson TX2 4GB
NVIDIA Jetson TX2 NX
NVIDIA Jetson TX2i
NVIDIA Jetson Xavier NX
NVIDIA Jetson Xavier NX

Never miss a vulnerability like this again

Reference Links

https://nvidia.custhelp.com/app/answers/detail/a_id/5205

Frequently Asked Questions

What is CVE-2021-34372?
CVE-2021-34372 is a vulnerability in the Trusty driver produced by NVIDIA for Jetson devices.
What is the severity of CVE-2021-34372?
CVE-2021-34372 has a severity score of 7.8 (high).
Which software is affected by CVE-2021-34372?
The NVIDIA Jetson Linux up to version 32.5.1 is affected by CVE-2021-34372.
How does CVE-2021-34372 affect the system?
CVE-2021-34372 can result in information disclosure and escalation of privilege.
How can I fix CVE-2021-34372?
To fix CVE-2021-34372, update to a version of NVIDIA Jetson Linux that is higher than 32.5.1.

agent/type
collector/mitre-cve
source/MITRE
agent/references
agent/author
agent/severity
agent/last-modified-date
agent/first-publish-date
agent/description
agent/event
agent/source
agent/weakness
agent/tags
agent/softwarecombine
collector/nvd-index
agent/software-canonical-lookup-request
vendor/nvidia
canonical/nvidia linux for tegra
canonical/nvidia jetson agx xavier 16gb
canonical/nvidia jetson agx xavier 32gb
canonical/nvidia jetson agx xavier 8gb
canonical/nvidia jetson nano
canonical/nvidia jetson nano 2gb
canonical/nvidia jetson tx1 l4t
canonical/nvidia jetson tx2 4gb
canonical/nvidia jetson tx2 nx
canonical/nvidia jetson tx2i
canonical/nvidia jetson xavier nx

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.