Integer Overflow Vulnerability in NVIDIA Trusty TLK Kernel
CVE-2021-34392

4.4MEDIUM

Key Information:

Vendor: Nvidia
Status: Nvidia Jetson Tx1
Vendor: CVE Published:; 22 June 2021

Summary

The NVIDIA Trusty TLK kernel is vulnerable to an integer overflow in the tz_map_shared_mem function, which can allow attackers to bypass important boundary checks. This exploitation could potentially result in a denial of service, affecting the stability of systems utilizing the Trusty TLK. Users are encouraged to check for updates and apply necessary patches to mitigate this risk.

Affected Version(s)

NVIDIA Jetson TX1 All Jetson Linux versions prior to r32.5.1

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5205

x_refsource_CONFIRM

CVSS V3.1

Score:

4.4

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jun 22, 2021
Vulnerability Reserved
Jun 9, 2021