nvidia jetson CVE-2021-1111 is a vulnerability in NVIDIA Jetson
Published on August 11, 2021

Bootloader contains a vulnerability in the NV3P server where any user with physical access through USB can trigger an incorrect bounds check, which may lead to buffer overflow, resulting in limited information disclosure, limited data integrity, and denial of service across all components.

NVD

Vulnerability Analysis

CVE-2021-1111 can be exploited with physical access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality and integrity, and a high impact on availability.

Attack Vector:
PHYSICAL
Attack Complexity:
LOW
Privileges Required:
NONE
User Interaction:
NONE
Scope:
CHANGED
Confidentiality Impact:
LOW
Integrity Impact:
LOW
Availability Impact:
HIGH

Weakness Type

What is a Buffer Overflow Vulnerability?

The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

CVE-2021-1111 has been classified to as a Buffer Overflow vulnerability or weakness.


Products Associated with CVE-2021-1111

Want to know whenever a new CVE is published for NVIDIA Jetson? stack.watch will email you.

NVIDIA Jetson
 

Affected Versions

NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX Version All Jetson Linux versions prior to r32.6.1 is affected by CVE-2021-1111

Exploit Probability

EPSS
0.48%
Percentile
64.60%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.