Buffer overflow in nVidia products - CVE-2021-1111
Published: August 4, 2021
Vulnerability identifier: #VU55586
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2021-1111
CWE-ID: CWE-119
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: nVidia
Affected software:
Jetson AGX Xavier series
Jetson Xavier NX
Jetson TX2 series
Jetson TX2 NX
Jetson AGX Xavier series
Jetson Xavier NX
Jetson TX2 series
Jetson TX2 NX
Detailed vulnerability description
The vulnerability allows an attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in Bootloader. An attacker with physical access through USB to the system can trigger memory corruption and execute arbitrary code.
How to mitigate CVE-2021-1111
Install updates from vendor's website.