First published: Wed Jun 30 2021(Updated: )
Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 5 is missing. Improper restriction of operations within the bounds of a memory buffer might lead to denial of service, escalation of privileges, and information disclosure.
Credit: psirt@nvidia.com
Affected Software | Affected Version | How to fix |
---|---|---|
NVIDIA Jetson Linux | <32.5.1 | |
Nvidia Jetson Agx Xavier 16gb | ||
Nvidia Jetson Agx Xavier 32gb | ||
Nvidia Jetson Agx Xavier 8gb | ||
NVIDIA Jetson TX2 | ||
Nvidia Jetson Tx2 4gb | ||
Nvidia Jetson Tx2 Nx | ||
Nvidia Jetson Tx2i | ||
Nvidia Jetson Xavier Nx |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-34376 is a vulnerability in the HDCP service TA in Trusty, which is an operating system used in NVIDIA Jetson devices.
The severity of CVE-2021-34376 is considered high with a severity score of 6.7.
The affected software includes NVIDIA Jetson Linux versions up to and excluding 32.5.1.
The vulnerability may lead to denial of service, escalation of privileges, and information disclosure.
To fix CVE-2021-34376, it is recommended to update to the latest version of NVIDIA Jetson Linux.