Heap Overflow Vulnerability in NVIDIA Bootloader Software
CVE-2021-34384

6.3MEDIUM

Key Information:

Vendor: Nvidia
Status: Nvidia Jetson Agx Xavier Series, Jetson Xavier Nx, Jetson Tx2 Series, Jetson Tx2 Nx
Vendor: CVE Published:; 30 June 2021

Summary

The NVIDIA bootloader software contains a vulnerability that can lead to a potential heap overflow, resulting in memory corruption. This issue poses risks, as it could be exploited to cause denial of service, allowing an attacker to disrupt normal operations or possibly execute arbitrary code, which could compromise system integrity. For more detailed information, refer to the official NVIDIA support documentation.

Affected Version(s)

NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX All Jetson Linux versions prior to r32.5.1

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5205

x_refsource_CONFIRM

CVSS V3.1

Score:

6.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 30, 2021
Vulnerability Reserved
Jun 9, 2021