Improper Access Control in NVIDIA Tegra Kernel Affects Jetson Devices
CVE-2021-1071

5.6MEDIUM

Key Information:

Vendor: Nvidia
Status: Nvidia Jetson Agx Xavier Series, Jetson Xavier Nx, Tx1, Tx2, Nano And Nano 2gb
Vendor: CVE Published:; 26 January 2021

Summary

The NVIDIA Tegra kernel in various Jetson devices has an improper access control vulnerability found in the INA3221 driver. This flaw may allow unauthorized users to access system power usage data, leading to potential information disclosure. This issue affects all L4T versions prior to r32.5, highlighting the need for users to update their systems promptly for security.

Affected Version(s)

NVIDIA Jetson AGX Xavier Series, Jetson Xavier NX, TX1, TX2, Nano and Nano 2GB All L4T versions prior to r32.5

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5147

x_refsource_CONFIRM

CVSS V3.1

Score:

5.6

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Jan 26, 2021
Vulnerability Reserved
Nov 12, 2020