CVE-2021-34374

Severity CVSS v4.0:
Pending analysis
Type:
CWE-20 Input Validation
Publication date:
30/06/2021
Last modified:
06/07/2021

Description

Trusty contains a vulnerability in command handlers where the length of input buffers is not verified. This vulnerability can cause memory corruption, which may lead to information disclosure, escalation of privileges, and denial of service.

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:* 32.5.1 (excluding)
cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_tx2_4gb:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_tx2i:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*


References to Advisories, Solutions, and Tools