Vulnerabilities > CVE-2021-34393 - Deserialization of Untrusted Data vulnerability in Nvidia Jetson Linux

CVSS 4.4 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

local

low complexity

nvidia

CWE-502

NVD

Published: 2021-06-22

Updated: 2021-06-29

Summary

Trusty contains a vulnerability in TSEC TA which deserializes the incoming messages even though the TSEC TA does not expose any command. This vulnerability might allow an attacker to exploit the deserializer to impact code execution, causing information disclosure.

Vulnerable Configurations

Part	Description	Count
OS	Nvidia Nvidia Jetson Linux - Nvidia Jetson Linux 16.5 Nvidia Jetson Linux 19.3 Nvidia Jetson Linux 21.1 Nvidia Jetson Linux 21.2 Nvidia Jetson Linux 21.3 Nvidia Jetson Linux 21.4 Nvidia Jetson Linux 21.5 Nvidia Jetson Linux 21.6 Nvidia Jetson Linux 21.7 Nvidia Jetson Linux 21.8 Nvidia Jetson Linux 23.1 Nvidia Jetson Linux 23.2 Nvidia Jetson Linux 24.1 Nvidia Jetson Linux 24.2 Nvidia Jetson Linux 24.2.1 Nvidia Jetson Linux 24.2.2 Nvidia Jetson Linux 24.2.3 Nvidia Jetson Linux 27.1 Nvidia Jetson Linux 28.1 Nvidia Jetson Linux 28.2 Nvidia Jetson Linux 28.2.1 Nvidia Jetson Linux 28.3 Nvidia Jetson Linux 28.3.1 Nvidia Jetson Linux 28.3.2 Nvidia Jetson Linux 28.4 Nvidia Jetson Linux 28.5 Nvidia Jetson Linux 31.1 Nvidia Jetson Linux 32.1 Nvidia Jetson Linux 32.2 Nvidia Jetson Linux 32.2.1 Nvidia Jetson Linux 32.2.3 Nvidia Jetson Linux 32.3.1 Nvidia Jetson Linux 32.4.2 Nvidia Jetson Linux 32.4.3 Nvidia Jetson Linux 32.4.4 Nvidia Jetson Linux 32.5	37
Hardware	Nvidia Nvidia Jetson AGX Xavier 16Gb - Nvidia Jetson AGX Xavier 32Gb - Nvidia Jetson AGX Xavier 8GB - Nvidia Jetson TX1 - Nvidia Jetson TX2 - Nvidia Jetson TX2 4GB - Nvidia Jetson TX2 NX - Nvidia Jetson Tx2I - Nvidia Jetson Xavier NX -	10

Common Weakness Enumeration (CWE)

CWE-502 - Deserialization of Untrusted Data

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5205