First published: Tue Jun 22 2021(Updated: )
Trusty contains a vulnerability in TSEC TA which deserializes the incoming messages even though the TSEC TA does not expose any command. This vulnerability might allow an attacker to exploit the deserializer to impact code execution, causing information disclosure.
Credit: psirt@nvidia.com
Affected Software | Affected Version | How to fix |
---|---|---|
NVIDIA Jetson Linux | <32.5.1 | |
Nvidia Jetson Agx Xavier 16gb | ||
Nvidia Jetson Agx Xavier 32gb | ||
Nvidia Jetson Agx Xavier 8gb | ||
NVIDIA Jetson TX1 | ||
NVIDIA Jetson TX2 | ||
Nvidia Jetson Tx2 4gb | ||
Nvidia Jetson Tx2 Nx | ||
Nvidia Jetson Tx2i | ||
Nvidia Jetson Xavier Nx | ||
Nvidia Jetson Xavier Nx |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2021-34393 is medium with a CVSS score of 4.4.
The NVIDIA Jetson Linux version up to exclusive 32.5.1 is affected by CVE-2021-34393.
CVE-2021-34393 allows an attacker to exploit the deserializer in TSEC TA to impact code execution, potentially causing information disclosure.
To fix CVE-2021-34393, update to a version of NVIDIA Jetson Linux that is higher than 32.5.1.
More information about CVE-2021-34393 can be found at the following link: https://nvidia.custhelp.com/app/answers/detail/a_id/5205