Vulnerability Description
NVIDIA Tegra kernel in Jetson AGX Xavier Series, Jetson Xavier NX, TX1, TX2, Nano and Nano 2GB, all L4T versions prior to r32.5, contains a vulnerability in the INA3221 driver in which improper access control may lead to unauthorized users gaining access to system power usage data, which may lead to information disclosure.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Nvidia | Linux For Tegra | < r32.5 |
| Nvidia | Jetson Agx Xavier | - |
| Nvidia | Jetson Nano | - |
| Nvidia | Jetson Nano 2Gb | - |
| Nvidia | Jetson Tx1 | - |
| Nvidia | Jetson Tx2 | - |
| Nvidia | Jetson Xavier Nx | - |
References
- https://nvidia.custhelp.com/app/answers/detail/a_id/5147Vendor Advisory
- https://nvidia.custhelp.com/app/answers/detail/a_id/5147Vendor Advisory
FAQ
What is CVE-2021-1071?
CVE-2021-1071 is a vulnerability with a CVSS score of 5.6 (MEDIUM). NVIDIA Tegra kernel in Jetson AGX Xavier Series, Jetson Xavier NX, TX1, TX2, Nano and Nano 2GB, all L4T versions prior to r32.5, contains a vulnerability in the INA3221 driver in which improper access...
How severe is CVE-2021-1071?
CVE-2021-1071 has been rated MEDIUM with a CVSS base score of 5.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-1071?
Check the references section above for vendor advisories and patch information. Affected products include: Nvidia Linux For Tegra, Nvidia Jetson Agx Xavier, Nvidia Jetson Nano, Nvidia Jetson Nano 2Gb, Nvidia Jetson Tx1.