Vulnerabilities > CVE-2021-34403 - Use After Free vulnerability in Nvidia Shield Experience

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

nvidia

CWE-416

NVD

Published: 2022-01-18

Updated: 2022-01-25

Summary

NVIDIA Linux distributions contain a vulnerability in nvmap ioctl, which allows any user with a local account to exploit a use-after-free condition, leading to code privilege escalation, loss of confidentiality and integrity, or denial of service.

Vulnerable Configurations

Part	Description	Count
Application	Nvidia Nvidia Shield Experience - Nvidia Shield Experience 5.0 Nvidia Shield Experience 5.1 Nvidia Shield Experience 5.2 Nvidia Shield Experience 6.0 Nvidia Shield Experience 6.1 Nvidia Shield Experience 6.2 Nvidia Shield Experience 6.3 Nvidia Shield Experience 7.0 Nvidia Shield Experience 7.1 Nvidia Shield Experience 7.2 Nvidia Shield Experience 7.2.3 Nvidia Shield Experience 8.0 Nvidia Shield Experience 8.0.1 Nvidia Shield Experience 8.2.2	15
OS	Google Google Android -	1

Common Weakness Enumeration (CWE)

CWE-416 - Use After Free

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5259