Information Disclosure Vulnerability in NVIDIA GPU and Tegra Hardware
CVE-2021-34399

4.1MEDIUM

Key Information:

Vendor: Nvidia
Status: Nvidia Gpu And Tegra Hardware
Vendor: CVE Published:; 20 November 2021

Summary

NVIDIA GPU and Tegra hardware have a vulnerability in their internal microcontroller that could allow an attacker with elevated privileges to access sensitive information from unsecured registers. This flaw poses a significant risk of information disclosure, potentially compromising the confidentiality of user data. Ensuring patches and updates are applied promptly is essential to mitigate the risks presented by this vulnerability.

Affected Version(s)

NVIDIA GPU and Tegra hardware Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5263

x_refsource_CONFIRM

CVSS V3.1

Score:

4.1

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 20, 2021
Vulnerability Reserved
Jun 9, 2021