Trusty contains a vulnerability in the NVIDIA OTE protocol that is present in all TAs. An incorrect message stream deserialization allows an attacker to use the malicious CA that is run by the user to cause the buffer overflow, which may lead to information disclosure and data modification.
References
Link | Resource |
---|---|
https://nvidia.custhelp.com/app/answers/detail/a_id/5205 | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2021-06-22 15:15
Updated : 2021-09-20 12:02
NVD link : CVE-2021-34394
Mitre link : CVE-2021-34394
JSON object : View
CWE
CWE-502
Deserialization of Untrusted Data
Products Affected
nvidia
- jetson_agx_xavier_32gb
- jetson_xavier_nx
- jetson_linux
- jetson_tx2
- jetson_tx2i
- jetson_agx_xavier_8gb
- jetson_agx_xavier_16gb
- jetson_tx2_nx
- jetson_tx2_4gb