Deserialization in Nvidia Jetson_agx_xavier_16gb

CVE-2021-34394

Trusty contains a vulnerability in the NVIDIA OTE protocol that is present in all TAs. An incorrect message stream deserialization allows an attacker to use the malicious CA that is run by the user to cause the buffer overflow, which may l…

Vulnerability class: Insecure Deserialization

EPSS: 0.003 (17.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.2 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H.

Affected products

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2021-34394?
CVE-2021-34394 is a medium-severity vulnerability in Nvidia Jetson_agx_xavier_16gb, classified under Deserialization of Untrusted Data. CVSS score: 4.2/10. Published 2021-06-22.
How severe is CVE-2021-34394?
Medium severity. CVSS v3 base score is 4.2 out of 10.