Security News > 2021 > June > Bugs in NVIDIA’s Jetson Chipset Open Door to DoS Attacks, Data Theft

Bugs in NVIDIA’s Jetson Chipset Open Door to DoS Attacks, Data Theft
2021-06-21 20:21

Flaws impacting millions of internet of things devices running NVIDIA's Jetson chips open the door for a variety of hacks, including denial-of-service attacks or the siphoning of data.

NVIDIA released patches addressing nine high-severity vulnerabilities including eight additional bugs of less severity.

Impacted products include Jetson chipset series; AGX Xavier, Xavier NX/TX1, Jetson TX2, and Jetson Nano devices found in the NVIDIA JetPack software developers kit.

Other high-severity bugs patched by NVIDIA include vulnerabilities with severity ratings of between 7.9 and 7, which include CVE?2021?34373, CVE?2021?34374, CVE?2021?34375, CVE?2021?34376, CVE?2021?34377, CVE?2021?34378, CVE?2021?34379 and CVE?2021?34380.

"Trusty trusted Linux kernel contains a vulnerability in the NVIDIA TLK kernel where a lack of heap hardening could cause heap overflows, which might lead to information disclosure and denial of service," NVIDIA wrote.

The chipmaker issued patches to address endpoint software for Jetson TX1, TX2 series, TX2 NX, AGX Xavier series, Xavier NX, Nano and Nano 2GB. For those bugs, NVIDIA credited bug hunter Frédéric Perriot of the Apple Media Products RedTeam for reporting the issues.


News URL

https://threatpost.com/nvidia-jetson-chipset-dos-data-theft/167093/