CVE-2021-34404

3 documents3 sources

Severity

7.6HIGH

EPSS

0.0%

top 84.83%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Nvidia Shield Experience Nvidia Shield TV

Timeline

PublishedJan 18

Latest updateJan 19

Description

Android images for T210 provided by NVIDIA contain a vulnerability in BROM, where failure to limit access to AHB-DMA when BROM fails may allow an unprivileged attacker with physical access to cause denial of service or impact integrity and confidentiality beyond the security scope of BROM.

CVSS vector

CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:HExploitability: 0.5 | Impact: 6.0

Affected Packages2 packages

▶NVDnvidia/shield_experience< 9.0

▶CVEListV5nvidia/shield_tvAll versions prior to SE 9.0

🔴Vulnerability Details

GHSA

GHSA-3ghw-4xg5-hgw2: Android images for T210 provided by NVIDIA contain a vulnerability in BROM, where failure to limit access to AHB-DMA when BROM fails may allow an unpr↗2022-01-19

▶

CVEList

CVE-2021-34404: Android images for T210 provided by NVIDIA contain a vulnerability in BROM, where failure to limit access to AHB-DMA when BROM fails may allow an unpr↗2022-01-18

▶