CVE-2021-34382

CWE-190Integer Overflow3 documents3 sources
Severity
7.8HIGH
EPSS
0.1%
top 81.99%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Nvidia Jetson LinuxNvidia Nvidia Jetson TX1
Timeline
PublishedJun 30
Latest updateMay 24

Description

Trusty TLK contains a vulnerability in the NVIDIA TLK kernel’s tz_map_shared_mem function where an integer overflow on the size parameter causes the request buffer and the logging buffer to overflow, allowing writes to arbitrary addresses within the kernel.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:HExploitability: 0.8 | Impact: 5.9

Affected Packages2 packages

NVDnvidia/jetson_linux< 32.5.1
CVEListV5nvidia/nvidia_jetson_tx1All Jetson Linux versions prior to r32.5.1

🔴Vulnerability Details

2
GHSA
GHSA-px4c-gw6m-mq7v: Trusty TLK contains a vulnerability in the NVIDIA TLK kernel’s tz_map_shared_mem function where an integer overflow on the size parameter causes the2022-05-24
CVEList
CVE-2021-34382: Trusty TLK contains a vulnerability in the NVIDIA TLK kernel’s tz_map_shared_mem function where an integer overflow on the size parameter causes the r2021-06-30
CVE-2021-34382 (HIGH CVSS 7.8) | Trusty TLK contains a vulnerability | cvebase.io