CVE-2021-1105Sensitive Information Exposure in Nvidia GPU AND Tegra Hardware

3 documents3 sources
Severity
4.4MEDIUMNVD
CNA4.1
EPSS
0.1%
top 83.57%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Nvidia GPU AND Tegra Hardware
Timeline
PublishedNov 20
Latest updateNov 21

Description

NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to access debug registers during runtime, which may lead to information disclosure.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:NExploitability: 0.8 | Impact: 3.6

Affected Packages1 packages

CVEListV5nvidia/nvidia_gpu_and_tegra_hardwareTuring, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier

🔴Vulnerability Details

2
GHSA
GHSA-58rx-v5qf-fh3p: NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to access debug2021-11-21
CVEList
CVE-2021-1105: NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to access debug2021-11-20
CVE-2021-1105 — Sensitive Information Exposure | cvebase