Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2021-34386

Trusty TLK contains a vulnerability in the NVIDIA TLK kernel where an integer overflow in the calloc size calculation can cause the multiplication of count and size can overflow, which might lead to heap overflows.

Published

2021-06-21T22:15:07.577

Last Modified

2024-11-21T06:10:17.367

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.3 (MEDIUM)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

Exploitability Score

3.9

Impact Score

6.4

Weaknesses

Type: Primary
CWE-190

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	nvidia	jetson_linux	< 32.5.1	Yes
Hardware	nvidia	jetson_tx1	-	No

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5205 Vendor Advisory ([email protected])
https://nvidia.custhelp.com/app/answers/detail/a_id/5205 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)