Heap Overflow Vulnerability in NVIDIA Bootloader MB2
CVE-2021-34383

6.4MEDIUM

Key Information:

Vendor

Nvidia
Status
Nvidia Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Tx2 Series, Jetson Tx2 Nx
Vendor
CVE Published:
30 June 2021

What is CVE-2021-34383?

NVIDIA MB2 Bootloader has a vulnerability that allows for a potential heap overflow. This could enable an attacker to exploit the system, resulting in a denial of service or the possibility to escalate privileges. It is essential for users of this bootloader to assess their systems and consider applying any available mitigations.

Affected Version(s)

NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX All Jetson Linux versions prior to r32.5.1

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5205
x_refsource_CONFIRM

CVSS V3.1

Score:
6.4
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.