Internal Microcontroller Vulnerability in NVIDIA GPU and Tegra Hardware
CVE-2021-1088

4.1MEDIUM

Key Information:

Vendor: Nvidia
Status: Nvidia Gpu And Tegra Hardware
Vendor: CVE Published:; 20 November 2021

Summary

NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller that allows users with elevated privileges to exploit debug mechanisms. This exists due to insufficient access controls, potentially leading to unauthorized information disclosure. To mitigate this issue, users are encouraged to apply the latest security updates and monitor for unusual activity within their systems.

Affected Version(s)

NVIDIA GPU and Tegra hardware Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5263

x_refsource_CONFIRM

CVSS V3.1

Score:

4.1

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 20, 2021
Vulnerability Reserved
Nov 12, 2020