CVE-2021-34373

CWE-787 — Out-of-bounds Write3 documents3 sources

Severity

6.0MEDIUM

EPSS

0.1%

top 77.95%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Nvidia Jetson Linux Nvidia Nvidia Jetson TX1

Timeline

PublishedJun 30

Latest updateMay 24

Description

Trusty trusted Linux kernel (TLK) contains a vulnerability in the NVIDIA TLK kernel where a lack of heap hardening could cause heap overflows, which might lead to information disclosure and denial of service.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:HExploitability: 1.5 | Impact: 5.8

Affected Packages2 packages

▶NVDnvidia/jetson_linux< 32.5.1

▶CVEListV5nvidia/nvidia_jetson_tx1All Jetson Linux versions prior to r32.5.1

🔴Vulnerability Details

GHSA

GHSA-mh32-w5r7-jx6m: Trusty trusted Linux kernel (TLK) contains a vulnerability in the NVIDIA TLK kernel where a lack of heap hardening could cause heap overflows, which m↗2022-05-24

▶

CVEList

CVE-2021-34373: Trusty trusted Linux kernel (TLK) contains a vulnerability in the NVIDIA TLK kernel where a lack of heap hardening could cause heap overflows, which m↗2021-06-30

▶