CVE-2021-34394 Vulnerability Details

  /     /     /  

CVE-2021-34394 Metadata Quick Info

CVE Published: 22/06/2021 | CVE Updated: 04/08/2024 | CVE Year: 2021
Source: nvidia | Vendor: NVIDIA | Product: NVIDIA Jetson TX2 series, TX2 NX, AGX Xavier series, Xavier NX
Status : PUBLISHED

---

CVE-2021-34394 Description

Trusty contains a vulnerability in the NVIDIA OTE protocol that is present in all TAs. An incorrect message stream deserialization allows an attacker to use the malicious CA that is run by the user to cause the buffer overflow, which may lead to information disclosure and data modification.

Metrics

CVSS Version: 3.1 | Base Score: 4.2 MEDIUM
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H

l➤ Exploitability Metrics:
    Attack Vector (AV)* LOCAL
    Attack Complexity (AC)* LOW
    Privileges Required (PR)* HIGH
    User Interaction (UI)* REQUIRED
    Scope (S)* UNCHANGED

l➤ Impact Metrics:
    Confidentiality Impact (C)* NONE
    Integrity Impact (I)* NONE
    Availability Impact (A)* HIGH

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: denial of service
Source: NVIDIA

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).