First published: Tue Jan 18 2022(Updated: )
NVIDIA Linux distributions contain a vulnerability in nvmap ioctl, which allows any user with a local account to exploit a use-after-free condition, leading to code privilege escalation, loss of confidentiality and integrity, or denial of service.
Credit: psirt@nvidia.com
Affected Software | Affected Version | How to fix |
---|---|---|
Nvidia Shield Experience | <9.0 | |
Google Android |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-34403 is a vulnerability in NVIDIA Linux distributions that allows any user with a local account to exploit a use-after-free condition, leading to code privilege escalation, loss of confidentiality and integrity, or denial of service.
The severity of CVE-2021-34403 is rated as high with a CVSS score of 7.8.
NVIDIA Linux distributions, specifically Nvidia Shield Experience up to version 9.0, are affected by CVE-2021-34403.
An attacker with a local account can exploit CVE-2021-34403 by leveraging the nvmap ioctl vulnerability to execute arbitrary code and escalate privileges.
To fix the vulnerability CVE-2021-34403, users should apply the necessary security updates provided by NVIDIA.