#VU13833 Integer overflow in SHIELD TV - CVE-2017-6292
Published: July 12, 2018
Vulnerability identifier: #VU13833
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2017-6292
CWE-ID: CWE-190
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
SHIELD TV
SHIELD TV
Software vendor:
nVidia
nVidia
Description
The vulnerability allows a physical unauthenticated attacker to gain elevated privileges on the target system.
The weakness exists due to a flaw in the TA-to-TA communication handler in NVIDIA TLK TrustZone OS where the software performs a calculation. A physical attacker can trigger integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value, and and cause the service to crash or execute arbitrary code execution with elevated privileges.
The weakness exists due to a flaw in the TA-to-TA communication handler in NVIDIA TLK TrustZone OS where the software performs a calculation. A physical attacker can trigger integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value, and and cause the service to crash or execute arbitrary code execution with elevated privileges.
Remediation
Update to version 7.0.