Improper input validation in Nvidia Jetson_agx_xavier_16gb
CVE-2021-34374
Trusty contains a vulnerability in command handlers where the length of input buffers is not verified. This vulnerability can cause memory corruption, which may lead to information disclosure, escalation of privileges, and denial of servic…
Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)
EPSS: 0.002 (15.3th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 7.7 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H.
Affected products
- Nvidia Jetson_agx_xavier_16gb
- Nvidia Jetson_agx_xavier_32gb
- Nvidia Jetson_agx_xavier_8gb
- Nvidia Jetson_linux
- Nvidia Jetson_tx2
- Nvidia Jetson_tx2_4gb
- Nvidia Jetson_tx2i
- Nvidia Jetson_tx2_nx
- Nvidia Jetson_xavier_nx
- Nvidia Jetson Agx Xavier Series, Nx, Tx2 Nx — versions All Jetson Linux versions prior to r32.5.1
Weakness classification (CWE)
References
- psirt@nvidia.com (x_refsource_CONFIRM, Vendor Advisory)
Frequently asked questions
- What is CVE-2021-34374?
- CVE-2021-34374 is a high-severity vulnerability in Nvidia Jetson_agx_xavier_16gb, classified under Improper Input Validation. CVSS score: 7.7/10. Published 2021-06-30.
- How severe is CVE-2021-34374?
- High severity. CVSS v3 base score is 7.7 out of 10.