CVE-2021-1070

Published: Jan 26, 2021Modified: Nov 21, 2024

7.1

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Exploitability: 1.8 / Impact: 5.2

Source: NVD

Description

NVIDIA Jetson AGX Xavier Series, Jetson Xavier NX, TX1, TX2, Nano and Nano 2GB, L4T versions prior to 32.5, contains a vulnerability in the apply_binaries.sh script used to install NVIDIA components into the root file system image, in which improper access control is applied, which may lead to an unprivileged user being able to modify system device tree files, leading to denial of service.

Affected (1)

Products: Nvidia: Linux For Tegra

Nvidia

1 product

Linux For Tegra

Configuration A

1 vulnerable · 6 platform

Vulnerable Software	Affected Versions
Nvidia Linux For Tegra	Before r32.5

Running on/with	Platform Versions
Nvidia Jetson Agx Xavier	All versions
Nvidia Jetson Nano	All versions
Nvidia Jetson Nano 2gb	All versions
Nvidia Jetson Tx1	All versions
Nvidia Jetson Tx2	All versions
Nvidia Jetson Xavier Nx	All versions

References (2)

https://nvidia.custhelp.com/app/answers/detail/a_id/5147

Source: psirt@nvidia.com

Vendor Advisory

https://nvidia.custhelp.com/app/answers/detail/a_id/5147

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.