CVE-2021-34394

Trusty contains a vulnerability in the NVIDIA OTE protocol that is present in all TAs. An incorrect message stream deserialization allows an attacker to use the malicious CA that is run by the user to cause the buffer overflow, which may lead to information disclosure and data modification.
References
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*
OR cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:developer_kit:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:production:*:*:*:*:*

History

No history.

Information

Published : 2021-06-22 22:15

Updated : 2024-02-28 18:28


NVD link : CVE-2021-34394

Mitre link : CVE-2021-34394

CVE.ORG link : CVE-2021-34394


JSON object : View

Products Affected

nvidia

  • jetson_agx_xavier_32gb
  • jetson_tx2_4gb
  • jetson_tx2i
  • jetson_agx_xavier_8gb
  • jetson_tx2_nx
  • jetson_tx2
  • jetson_agx_xavier_16gb
  • jetson_linux
  • jetson_xavier_nx
CWE
CWE-502

Deserialization of Untrusted Data