Use-After-Free Vulnerability in NVIDIA Linux Distributions
CVE-2021-34403

7.8HIGH

Key Information:

Vendor: Nvidia
Status: Shield Tv
Vendor: CVE Published:; 18 January 2022

Summary

NVIDIA Linux distributions are susceptible to a use-after-free vulnerability in the nvmap ioctl interface. This vulnerability allows any local user with an account to exploit the flaw, potentially resulting in unauthorized code execution and escalation of privileges. Additionally, it poses risks related to the confidentiality and integrity of user data, and it may lead to a denial of service situation. Users are urged to apply necessary patches to mitigate these risks.

Affected Version(s)

SHIELD TV All versions prior to SE 9.0

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5259

x_refsource_CONFIRM

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 18, 2022
Vulnerability Reserved
Jun 9, 2021