CVE-2021-1106
Severity CVSS v4.0:
Pending analysis
Type:
CWE-787
Out-of-bounds Write
Publication date:
11/08/2021
Last modified:
08/07/2022
Description
NVIDIA Linux kernel distributions contain a vulnerability in nvmap, where writes may be allowed to read-only buffers, which may result in escalation of privileges, complete denial of service, unconstrained information disclosure, and serious data tampering of all processes on the system.
Impact
Base Score 3.x
7.80
Severity 3.x
HIGH
Base Score 2.0
4.60
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:* | 32.1 (including) | 32.6.1 (excluding) |
| cpe:2.3:h:nvidia:jetson_agx_xavier:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:nvidia:jetson_nano:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:nvidia:jetson_nano_2gb:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:* | ||
| cpe:2.3:a:nvidia:shield_experience:*:*:*:*:*:*:*:* | 9.0 (excluding) | |
| cpe:2.3:h:nvidia:shield_tv:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page