Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Jetson_linux
(Nvidia)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 46 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-06-30 | CVE-2021-34381 | Trusty TLK contains a vulnerability in the NVIDIA TLK kernel function where a lack of checks allows the exploitation of an integer overflow on the size parameter of the tz_map_shared_mem function, which might lead to denial of service, information disclosure, or data tampering. | Jetson_linux | 7.8 | ||
| 2021-06-30 | CVE-2021-34384 | Bootloader contains a vulnerability in NVIDIA MB2 where a potential heap overflow could cause memory corruption, which might lead to denial of service or code execution. | Jetson_linux | 7.8 | ||
| 2021-06-30 | CVE-2021-34383 | Bootloader contains a vulnerability in NVIDIA MB2 where a potential heap overflow might lead to denial of service or escalation of privileges. | Jetson_linux | 6.7 | ||
| 2021-06-30 | CVE-2021-34385 | Trusty TLK contains a vulnerability in the NVIDIA TLK kernel where an integer overflow in the calculation of a length could lead to a heap overflow. | Jetson_linux | 6.7 | ||
| 2021-06-21 | CVE-2021-34386 | Trusty TLK contains a vulnerability in the NVIDIA TLK kernel where an integer overflow in the calloc size calculation can cause the multiplication of count and size can overflow, which might lead to heap overflows. | Jetson_linux | 6.7 | ||
| 2021-06-21 | CVE-2021-34387 | The ARM TrustZone Technology on which Trusty is based on contains a vulnerability in access permission settings where the portion of the DRAM reserved for TrustZone is identity-mapped by TLK with read, write, and execute permissions, which gives write access to kernel code and data that is otherwise mapped read only. | Jetson_linux | 6.7 | ||
| 2021-06-22 | CVE-2021-34372 | Trusty (the trusted OS produced by NVIDIA for Jetson devices) driver contains a vulnerability in the NVIDIA OTE protocol message parsing code where an integer overflow in a malloc() size calculation leads to a buffer overflow on the heap, which might result in information disclosure, escalation of privileges, and denial of service. | Jetson_linux | 7.8 | ||
| 2021-06-22 | CVE-2021-34397 | Bootloader contains a vulnerability in NVIDIA MB2, which may cause free-the-wrong-heap, which may lead to limited denial of service. | Jetson_linux | 2.3 | ||
| 2021-06-22 | CVE-2021-34392 | Trusty TLK contains a vulnerability in the NVIDIA TLK kernel where an integer overflow in the tz_map_shared_mem function can bypass boundary checks, which might lead to denial of service. | Jetson_linux | 5.5 | ||
| 2021-06-22 | CVE-2021-34393 | Trusty contains a vulnerability in TSEC TA which deserializes the incoming messages even though the TSEC TA does not expose any command. This vulnerability might allow an attacker to exploit the deserializer to impact code execution, causing information disclosure. | Jetson_linux | 4.4 |