CVE-2021-34389

Trusty contains a vulnerability in NVIDIA OTE protocol message parsing code, which is present in all the TAs. An incorrect bounds check can allow a local user through a malicious client to access memory from the heap in the TrustZone, which may lead to information disclosure.

Published: Jun 22, 2021
Updated: Apr 14, 2023
CVE: CVE-2021-34389
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5
AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

CVSS v2:

Severity: Low
Score: 1.9
AV:L/AC:M/Au:N/C:P/I:N/A:N

CWEs:

CWE-401

Affected Software
References

Software	From	Fixed in
nvidia / jetson_linux	-	32.5.1

https://nvidia.custhelp.com/app/answers/detail/a_id/5205

Vulnerability Database

290,206

CVE-2021-34389