CVE-2021-23217

3 documents3 sources
Severity
7.5HIGH
EPSS
0.0%
top 87.22%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Nvidia Nvidia GPU AND Tegra Hardware
Timeline
PublishedNov 20
Latest updateMay 24

Description

NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller, which may allow a user with elevated privileges to instantiate a DMA write operation only within a specific time window timed to corrupt code execution, which may impact confidentiality, integrity, or availability. The scope impact may extend to other components.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:HExploitability: 0.8 | Impact: 6.0

Affected Packages1 packages

â–¶CVEListV5nvidia/nvidia_gpu_and_tegra_hardwareMaxwell, GP100, Tegra X1, Tegra X1+, Tegra TX2

🔴Vulnerability Details

2
GHSA
GHSA-mjvf-fv64-9xrq: NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to instantiate a↗2022-05-24
â–¶
CVEList
CVE-2021-23217: NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller, which may allow a user with elevated privileges to instantiate↗2021-11-20
â–¶
CVE-2021-23217 (HIGH CVSS 7.5) | NVIDIA GPU and Tegra hardware conta | cvebase.io