First published: Mon Jun 21 2021(Updated: )
Bootloader contains a vulnerability in NVIDIA TegraBoot where a potential heap overflow might allow an attacker to control all the RAM after the heap block, leading to denial of service or code execution.
Credit: psirt@nvidia.com
Affected Software | Affected Version | How to fix |
---|---|---|
NVIDIA Jetson Linux | <32.5.1 | |
Nvidia Jetson Agx Xavier 16gb | ||
Nvidia Jetson Agx Xavier 32gb | ||
Nvidia Jetson Agx Xavier 8gb | ||
Nvidia Jetson Nano | ||
Nvidia Jetson Nano | ||
Nvidia Jetson Nano 2gb | ||
NVIDIA Jetson TX1 | ||
NVIDIA Jetson TX2 | ||
Nvidia Jetson Tx2 4gb | ||
Nvidia Jetson Tx2 Nx | ||
Nvidia Jetson Tx2i | ||
Nvidia Jetson Xavier Nx | ||
Nvidia Jetson Xavier Nx |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-34388 is a vulnerability in NVIDIA TegraBoot where a potential heap overflow might allow an attacker to control all the RAM after the heap block, leading to denial of service or code execution.
The affected software is NVIDIA Jetson Linux up to version 32.5.1.
CVE-2021-34388 has a severity rating of 7.8 (high).
To fix CVE-2021-34388, users should update to a version of NVIDIA TegraBoot that addresses the heap overflow vulnerability.
More information about CVE-2021-34388 can be found at the following link: [https://nvidia.custhelp.com/app/answers/detail/a_id/5205](https://nvidia.custhelp.com/app/answers/detail/a_id/5205)