CVE-2021-34396
First published: Tue Jun 22 2021(Updated: )
Bootloader contains a vulnerability in access permission settings where unauthorized software may be able to overwrite NVIDIA MB2 code, which would result in limited denial of service.
Credit: psirt@nvidia.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| NVIDIA Linux for Tegra | <32.5.1 | |
| NVIDIA Jetson TX2 4GB | ||
| NVIDIA Jetson TX2 4GB | ||
| NVIDIA Jetson TX2 NX | ||
| NVIDIA Jetson TX2i |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2021-34396?
CVE-2021-34396 is a vulnerability in the bootloader access permission settings that allows unauthorized software to overwrite NVIDIA MB2 code, resulting in limited denial of service.
Which software is affected by CVE-2021-34396?
This vulnerability affects NVIDIA Jetson Linux versions up to and excluding 32.5.1.
Is NVIDIA Jetson TX2 affected by CVE-2021-34396?
No, NVIDIA Jetson TX2 is not affected by this vulnerability.
How severe is CVE-2021-34396?
CVE-2021-34396 has a severity rating of 2.3, which is considered low.
How can I fix CVE-2021-34396?
To mitigate CVE-2021-34396, update your NVIDIA Jetson Linux to version 32.5.1 or higher.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/author
- agent/severity
- agent/last-modified-date
- agent/first-publish-date
- agent/description
- agent/event
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/nvidia
- canonical/nvidia linux for tegra
- canonical/nvidia jetson tx2 4gb
- canonical/nvidia jetson tx2 nx
- canonical/nvidia jetson tx2i