Trusty contains a vulnerability in the NVIDIA OTE protocol that is present in all TAs. An incorrect message stream deserialization allows an attacker to use the malicious CA that is run by the user to cause the buffer overflow, which may lead to information disclosure and data modification.
References
Link | Resource |
---|---|
https://nvidia.custhelp.com/app/answers/detail/a_id/5205 | Vendor Advisory |
https://nvidia.custhelp.com/app/answers/detail/a_id/5205 | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 06:10
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 4.6
v3 : 4.2 |
References | () https://nvidia.custhelp.com/app/answers/detail/a_id/5205 - Vendor Advisory |
Information
Published : 2021-06-22 22:15
Updated : 2024-11-21 06:10
NVD link : CVE-2021-34394
Mitre link : CVE-2021-34394
CVE.ORG link : CVE-2021-34394
JSON object : View
Products Affected
nvidia
- jetson_agx_xavier_32gb
- jetson_tx2
- jetson_xavier_nx
- jetson_agx_xavier_8gb
- jetson_agx_xavier_16gb
- jetson_tx2i
- jetson_tx2_nx
- jetson_linux
- jetson_tx2_4gb
CWE
CWE-502
Deserialization of Untrusted Data