CVE-2021-34387
First published: Mon Jun 21 2021(Updated: )
The ARM TrustZone Technology on which Trusty is based on contains a vulnerability in access permission settings where the portion of the DRAM reserved for TrustZone is identity-mapped by TLK with read, write, and execute permissions, which gives write access to kernel code and data that is otherwise mapped read only.
Credit: psirt@nvidia.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| NVIDIA Jetson Linux | <32.5.1 | |
| NVIDIA Jetson TX1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID is CVE-2021-34387.
What is the severity of CVE-2021-34387?
CVE-2021-34387 has a severity of high.
Which software is affected by CVE-2021-34387?
The NVIDIA Jetson Linux with versions up to and excluding 32.5.1 is affected by this vulnerability.
How does the vulnerability in ARM TrustZone Technology affect Trusty?
The vulnerability in ARM TrustZone Technology allows write access to kernel code and data in the portion of the DRAM reserved for TrustZone, compromising the security of Trusty-based systems.
Where can I find more information about CVE-2021-34387?
You can find more information about CVE-2021-34387 [here](https://nvidia.custhelp.com/app/answers/detail/a_id/5205).
- collector/nvd-index
- agent/severity
- agent/references
- agent/weakness
- agent/author
- agent/description
- agent/type
- agent/event
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/nvidia
- canonical/nvidia jetson linux
- canonical/nvidia jetson tx1