First published: Mon Jun 21 2021(Updated: )
Trusty contains a vulnerability in NVIDIA OTE protocol message parsing code, which is present in all the TAs. An incorrect bounds check can allow a local user through a malicious client to access memory from the heap in the TrustZone, which may lead to information disclosure.
Credit: psirt@nvidia.com
Affected Software | Affected Version | How to fix |
---|---|---|
NVIDIA Jetson Linux | <32.5.1 | |
Nvidia Jetson Agx Xavier 16gb | ||
Nvidia Jetson Agx Xavier 32gb | ||
Nvidia Jetson Agx Xavier 8gb | ||
NVIDIA Jetson TX2 | ||
Nvidia Jetson Tx2 4gb | ||
Nvidia Jetson Tx2 Nx | ||
Nvidia Jetson Tx2i | ||
Nvidia Jetson Xavier Nx | ||
Nvidia Jetson Xavier Nx |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID of this vulnerability is CVE-2021-34389.
CVE-2021-34389 is a vulnerability in Trusty that allows a local user to access memory from the heap in the TrustZone, leading to potential information disclosure.
The affected software includes NVIDIA Jetson Linux versions up to 32.5.1.
The severity level of CVE-2021-34389 is medium.
To fix CVE-2021-34389, it is recommended to update to the latest version of NVIDIA Jetson Linux.