First published: Wed Jun 30 2021(Updated: )
Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 10 is missing. The length of an I/O buffer parameter is not checked, which might lead to memory corruption.
Credit: psirt@nvidia.com
Affected Software | Affected Version | How to fix |
---|---|---|
NVIDIA Jetson Linux | <32.5.1 | |
Nvidia Jetson Agx Xavier 16gb | ||
Nvidia Jetson Agx Xavier 32gb | ||
Nvidia Jetson Agx Xavier 8gb | ||
NVIDIA Jetson TX2 | ||
Nvidia Jetson Tx2 4gb | ||
Nvidia Jetson Tx2 Nx | ||
Nvidia Jetson Tx2i | ||
Nvidia Jetson Xavier Nx |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID of this vulnerability is CVE-2021-34379.
The severity of CVE-2021-34379 is high with a CVSS score of 6.7.
The NVIDIA Jetson Linux software up to version 32.5.1 is affected by CVE-2021-34379.
CVE-2021-34379 occurs due to missing bounds checking in command 10 of the HDCP service TA in Trusty.
Yes, please refer to the following link for information on how to fix CVE-2021-34379: [https://nvidia.custhelp.com/app/answers/detail/a_id/5205](https://nvidia.custhelp.com/app/answers/detail/a_id/5205).