Vulnerability Description
Bootloader contains a vulnerability in the NV3P server where any user with physical access through USB can trigger an incorrect bounds check, which may lead to buffer overflow, resulting in limited information disclosure, limited data integrity, and denial of service across all components.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Nvidia | Jetson Linux | >= 32.1, < 32.6.1 |
| Nvidia | Jetson Agx Xavier | - |
| Nvidia | Jetson Tx2 | - |
| Nvidia | Jetson Tx2 Nx | - |
| Nvidia | Jetson Xavier Nx | - |
Related Weaknesses (CWE)
References
- https://nvidia.custhelp.com/app/answers/detail/a_id/5216Vendor Advisory
- https://nvidia.custhelp.com/app/answers/detail/a_id/5216Vendor Advisory
FAQ
What is CVE-2021-1111?
CVE-2021-1111 is a vulnerability with a CVSS score of 6.7 (MEDIUM). Bootloader contains a vulnerability in the NV3P server where any user with physical access through USB can trigger an incorrect bounds check, which may lead to buffer overflow, resulting in limited in...
How severe is CVE-2021-1111?
CVE-2021-1111 has been rated MEDIUM with a CVSS base score of 6.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-1111?
Check the references section above for vendor advisories and patch information. Affected products include: Nvidia Jetson Linux, Nvidia Jetson Agx Xavier, Nvidia Jetson Tx2, Nvidia Jetson Tx2 Nx, Nvidia Jetson Xavier Nx.