Bootloader contains a vulnerability in NVIDIA MB2 where potential heap overflow might cause corruption of the heap metadata, which might lead to arbitrary code execution, denial of service, and information disclosure during secure boot.
References
| Link | Resource |
|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/5205 | Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
History
06 Jul 2021, 15:23
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:* cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:* cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:* cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:* cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:* cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:* cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:* cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:* cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:* |
|
| CVSS |
v2 : v3 : |
v2 : 4.6
v3 : 7.8 |
| CWE | CWE-787 | |
| References | (CONFIRM) https://nvidia.custhelp.com/app/answers/detail/a_id/5205 - Vendor Advisory |
30 Jun 2021, 11:55
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2021-06-30 11:15
Updated : 2023-12-10 13:55
NVD link : CVE-2021-34380
Mitre link : CVE-2021-34380
CVE.ORG link : CVE-2021-34380
JSON object : View
Products Affected
nvidia
- jetson_tx2_4gb
- jetson_agx_xavier_32gb
- jetson_agx_xavier_16gb
- jetson_agx_xavier_8gb
- jetson_tx2
- jetson_linux
- jetson_tx2i
- jetson_xavier_nx
- jetson_tx2_nx
CWE
CWE-787
Out-of-bounds Write