Integer Overflow Vulnerability in NVIDIA Trusty TLK
CVE-2021-34381

6.7MEDIUM

Key Information:

Vendor: Nvidia
Status: Nvidia Jetson Tx1
Vendor: CVE Published:; 30 June 2021

Summary

The NVIDIA Trusty TLK has a vulnerability in the kernel function due to insufficient checks in the tz_map_shared_mem function, which can lead to an integer overflow concerning the size parameter. This flaw enables potential attackers to exploit the system, resulting in denial of service, unauthorized information disclosure, or unauthorized data manipulation.

Affected Version(s)

NVIDIA Jetson TX1 All Jetson Linux versions prior to r32.5.1

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5205

x_refsource_CONFIRM

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jun 30, 2021
Vulnerability Reserved
Jun 9, 2021