Vulnerabilities > Nvidia > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-21 | CVE-2021-34387 | Incorrect Default Permissions vulnerability in Nvidia Jetson Linux The ARM TrustZone Technology on which Trusty is based on contains a vulnerability in access permission settings where the portion of the DRAM reserved for TrustZone is identity-mapped by TLK with read, write, and execute permissions, which gives write access to kernel code and data that is otherwise mapped read only. | 6.7 |
| 2021-06-21 | CVE-2021-34389 | Memory Leak vulnerability in Nvidia Jetson Linux Trusty contains a vulnerability in NVIDIA OTE protocol message parsing code, which is present in all the TAs. | 5.0 |
| 2021-04-29 | CVE-2021-1087 | Unspecified vulnerability in Nvidia Virtual GPU Manager NVIDIA vGPU driver contains a vulnerability in the Virtual GPU Manager (vGPU plugin), which could allow an attacker to retrieve information that could lead to a Address Space Layout Randomization (ASLR) bypass. | 5.5 |
| 2021-04-21 | CVE-2021-1078 | NULL Pointer Dereference vulnerability in Nvidia GPU Display Driver NVIDIA Windows GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel driver (nvlddmkm.sys) where a NULL pointer dereference may lead to system crash. | 5.5 |
| 2021-04-21 | CVE-2021-1077 | Improper Resource Shutdown or Release vulnerability in Nvidia GPU Display Driver NVIDIA GPU Display Driver for Windows and Linux, R450 and R460 driver branch, contains a vulnerability where the software uses a reference count to manage a resource that is incorrectly updated, which may lead to denial of service. | 5.5 |
| 2021-04-20 | CVE-2021-1079 | Unspecified vulnerability in Nvidia Geforce Experience NVIDIA GeForce Experience, all versions prior to 3.22, contains a vulnerability in GameStream plugins where log files are created using NT/System level permissions, which may lead to code execution, denial of service, or local privilege escalation. | 6.1 |
| 2021-01-26 | CVE-2021-1071 | Unspecified vulnerability in Nvidia Linux for Tegra R21.6/R24.2.2 NVIDIA Tegra kernel in Jetson AGX Xavier Series, Jetson Xavier NX, TX1, TX2, Nano and Nano 2GB, all L4T versions prior to r32.5, contains a vulnerability in the INA3221 driver in which improper access control may lead to unauthorized users gaining access to system power usage data, which may lead to information disclosure. | 5.5 |
| 2021-01-20 | CVE-2021-1069 | NULL Pointer Dereference vulnerability in Nvidia Linux for Tegra and Shield Experience NVIDIA SHIELD TV, all versions prior to 8.2.2, contains a vulnerability in the NVHost function, which may lead to abnormal reboot due to a null pointer reference, causing data loss. | 6.1 |
| 2021-01-20 | CVE-2021-1067 | Unspecified vulnerability in Nvidia Shield Experience NVIDIA SHIELD TV, all versions prior to 8.2.2, contains a vulnerability in the implementation of the RPMB command status, in which an attacker can write to the Write Protect Configuration Block, which may lead to denial of service or escalation of privileges. low complexity nvidia | 6.8 |
| 2021-01-08 | CVE-2021-1066 | Improper Input Validation vulnerability in Nvidia Virtual GPU Manager NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which input data is not validated, which may lead to unexpected consumption of resources, which in turn may lead to denial of service. | 5.5 |