First published: Tue Jun 22 2021(Updated: )
Trusty contains a vulnerability in the NVIDIA OTE protocol that is present in all TAs. An incorrect message stream deserialization allows an attacker to use the malicious CA that is run by the user to cause the buffer overflow, which may lead to information disclosure and data modification.
Credit: psirt@nvidia.com
Affected Software | Affected Version | How to fix |
---|---|---|
NVIDIA Jetson Linux | <32.5.1 | |
Nvidia Jetson Agx Xavier 16gb | ||
Nvidia Jetson Agx Xavier 32gb | ||
Nvidia Jetson Agx Xavier 8gb | ||
NVIDIA Jetson TX2 | ||
Nvidia Jetson Tx2 4gb | ||
Nvidia Jetson Tx2 Nx | ||
Nvidia Jetson Tx2i | ||
Nvidia Jetson Xavier Nx | ||
Nvidia Jetson Xavier Nx |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-34394 is a vulnerability in Trusty's NVIDIA OTE protocol that allows an attacker to cause a buffer overflow, leading to information disclosure and data modification.
The vulnerability affects NVIDIA Jetson Linux up to version 32.5.1.
CVE-2021-34394 has a severity rating of 6.7 (medium).
The vulnerability can be exploited by sending an incorrect message stream to the Trusty NVIDIA OTE protocol, causing a buffer overflow.
No, Nvidia Jetson Agx Xavier 16gb is not vulnerable to CVE-2021-34394.