CVE-2021-34386: Integer Overflow
First published: Mon Jun 21 2021(Updated: )
Trusty TLK contains a vulnerability in the NVIDIA TLK kernel where an integer overflow in the calloc size calculation can cause the multiplication of count and size can overflow, which might lead to heap overflows.
Credit: psirt@nvidia.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| NVIDIA Jetson Linux | <32.5.1 | |
| NVIDIA Jetson TX1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2021-34386?
CVE-2021-34386 is a vulnerability in the NVIDIA TLK kernel where an integer overflow in the calloc size calculation can cause heap overflows.
How severe is CVE-2021-34386?
CVE-2021-34386 has a severity rating of 6.7 (Medium).
Which software is affected by CVE-2021-34386?
The NVIDIA Jetson Linux with a version up to 32.5.1 is affected by CVE-2021-34386.
How can CVE-2021-34386 be exploited?
CVE-2021-34386 can be exploited by triggering an integer overflow in the calloc size calculation.
Is NVIDIA Jetson TX1 vulnerable to CVE-2021-34386?
No, NVIDIA Jetson TX1 is not vulnerable to CVE-2021-34386.
- collector/nvd-index
- agent/severity
- agent/weakness
- agent/references
- agent/author
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/nvidia
- canonical/nvidia jetson linux
- canonical/nvidia jetson tx1