CVE-2021-34405: Null Pointer Dereference
First published: Tue Jan 18 2022(Updated: )
NVIDIA Linux distributions contain a vulnerability in TrustZone’s TEE_Malloc function, where an unchecked return value causing a null pointer dereference may lead to denial of service.
Credit: psirt@nvidia.com psirt@nvidia.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Nvidia Shield Experience | <9.0 | |
| Google Android |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this NVIDIA Linux vulnerability?
The vulnerability ID for this NVIDIA Linux vulnerability is CVE-2021-34405.
What is the severity of CVE-2021-34405?
The severity of CVE-2021-34405 is medium, with a severity value of 5.5.
What is the affected software for CVE-2021-34405?
The affected software for CVE-2021-34405 is Nvidia Shield Experience 9.0.
How does this vulnerability impact the affected software?
This vulnerability in TrustZone's TEE_Malloc function may lead to denial of service.
Is Google Android affected by CVE-2021-34405?
No, Google Android is not vulnerable to CVE-2021-34405.
How can I fix CVE-2021-34405?
Please refer to the official NVIDIA advisory at <a href="https://nvidia.custhelp.com/app/answers/detail/a_id/5259">https://nvidia.custhelp.com/app/answers/detail/a_id/5259</a> for guidance on how to address this vulnerability.
- agent/event
- agent/severity
- agent/weakness
- agent/references
- agent/author
- agent/type
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-api
- collector/mitre-cve
- source/MITRE
- vendor/nvidia
- canonical/nvidia shield experience
- vendor/google
- canonical/google android