Timing-Related Vulnerability in NVIDIA Camera Firmware
CVE-2021-1109

7.2HIGH

Key Information:

Vendor: Nvidia
Status: Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Tx2 Series, Jetson Tx2 Nx, Jetson Nano, Jetson Nano 2gb, Jetson Tx1.
Vendor: CVE Published:; 11 August 2021

Summary

NVIDIA camera firmware has a multistep vulnerability that arises during specific timing operations. This flaw allows unauthorized modifications to camera resources, potentially leading to data integrity loss and interruptions in service across multiple streams. Addressing this vulnerability is crucial to ensure the reliable performance of systems reliant on NVIDIA camera technology.

Affected Version(s)

Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson Nano, Jetson Nano 2GB, Jetson TX1. All Jetson Linux versions prior to r32.6.1

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5216

x_refsource_MISC

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Aug 11, 2021
Vulnerability Reserved
Nov 12, 2020