Vulnerability Description
NVIDIA Tegra kernel contains a vulnerability in the CORE DVFS Thermal driver where there is the potential to read or write a buffer using an index or pointer that references a memory location after the end of the buffer, which may lead to a denial of service or possible escalation of privileges.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Nvidia | Jetson Tx1 Firmware | <= 24.2.2 |
| Nvidia | Jetson Tx1 | - |
| Nvidia | Jetson Tk1 Firmware | <= 21.6 |
| Nvidia | Jetson Tk1 | - |
| Nvidia | Tegra K1 Firmware | <= 21.6 |
| Nvidia | Tegra K1 | - |
Related Weaknesses (CWE)
References
- http://nvidia.custhelp.com/app/answers/detail/a_id/4635Vendor Advisory
- https://nvidia.custhelp.com/app/answers/detail/a_id/4787
- http://nvidia.custhelp.com/app/answers/detail/a_id/4635Vendor Advisory
- https://nvidia.custhelp.com/app/answers/detail/a_id/4787
FAQ
What is CVE-2017-6278?
CVE-2017-6278 is a vulnerability with a CVSS score of 7.8 (HIGH). NVIDIA Tegra kernel contains a vulnerability in the CORE DVFS Thermal driver where there is the potential to read or write a buffer using an index or pointer that references a memory location after th...
How severe is CVE-2017-6278?
CVE-2017-6278 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-6278?
Check the references section above for vendor advisories and patch information. Affected products include: Nvidia Jetson Tx1 Firmware, Nvidia Jetson Tx1, Nvidia Jetson Tk1 Firmware, Nvidia Jetson Tk1, Nvidia Tegra K1 Firmware.