Security News > 2021 > June > Bugs in NVIDIA’s Jetson Chipset Open Door to DoS Attacks, Data Theft
Flaws impacting millions of internet of things devices running NVIDIA's Jetson chips open the door for a variety of hacks, including denial-of-service attacks or the siphoning of data.
NVIDIA released patches addressing nine high-severity vulnerabilities including eight additional bugs of less severity.
Impacted products include Jetson chipset series; AGX Xavier, Xavier NX/TX1, Jetson TX2, and Jetson Nano devices found in the NVIDIA JetPack software developers kit.
Other high-severity bugs patched by NVIDIA include vulnerabilities with severity ratings of between 7.9 and 7, which include CVE?2021?34373, CVE?2021?34374, CVE?2021?34375, CVE?2021?34376, CVE?2021?34377, CVE?2021?34378, CVE?2021?34379 and CVE?2021?34380.
"Trusty trusted Linux kernel contains a vulnerability in the NVIDIA TLK kernel where a lack of heap hardening could cause heap overflows, which might lead to information disclosure and denial of service," NVIDIA wrote.
The chipmaker issued patches to address endpoint software for Jetson TX1, TX2 series, TX2 NX, AGX Xavier series, Xavier NX, Nano and Nano 2GB. For those bugs, NVIDIA credited bug hunter Frédéric Perriot of the Apple Media Products RedTeam for reporting the issues.
News URL
https://threatpost.com/nvidia-jetson-chipset-dos-data-theft/167093/
Related news
- New 'Loop DoS' Attack Impacts Hundreds of Thousands of Systems (source)
- New ‘Loop DoS’ attack may impact up to 300,000 online systems (source)
- Some 300,000 IPs vulnerable to this Loop DoS attack (source)
- Ivanti fixes VPN gateway vulnerability allowing RCE, DoS attacks (source)
- New HTTP/2 Vulnerability Exposes Web Servers to DoS Attacks (source)
- New HTTP/2 DoS attack can crash web servers with a single connection (source)