CVE-2021-1111 - OpenCVE

Bootloader contains a vulnerability in the NV3P server where any user with physical access through USB can trigger an incorrect bounds check, which may lead to buffer overflow, resulting in limited information disclosure, limited data integrity, and denial of service across all components.

Attack Vector Physical

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Nvidia	Jetson Xavier Nx Jetson Tx2 Jetson Tx2 Nx Jetson Agx Xavier Jetson Linux

Configuration 1 [-]

AND

cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:nvidia:jetson_agx_xavier:-:::::::*
	cpe:2.3:h:nvidia:jetson_tx2:-:::::::*
	cpe:2.3:h:nvidia:jetson_tx2_nx:-:::::::*
	cpe:2.3:h:nvidia:jetson_xavier_nx:-:::::::*

References

Link	Resource
https://nvidia.custhelp.com/app/answers/detail/a_id/5216	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: nvidia

Published: 2021-08-11T21:33:04

Updated: 2022-01-25T10:37:41

Reserved: 2020-11-12T00:00:00

Link: CVE-2021-1111

JSON object: View

NVD Information

Status : Analyzed

Published: 2021-08-11T22:15:08.327

Modified: 2022-07-08T18:54:47.797

Link: CVE-2021-1111

JSON object: View

Redhat Information

No data.

CWE

{"containers": {"cna": {"affected": [{"product": "NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX", "vendor": "NVIDIA", "versions": [{"status": "affected", "version": "All Jetson Linux versions prior to r32.6.1"}]}], "descriptions": [{"lang": "en", "value": "Bootloader contains a vulnerability in the NV3P server where any user with physical access through USB can trigger an incorrect bounds check, which may lead to buffer overflow, resulting in limited information disclosure, limited data integrity, and denial of service across all components."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-119", "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-01-25T10:37:41", "orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6", "shortName": "nvidia"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@nvidia.com", "ID": "CVE-2021-1111", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX", "version": {"version_data": [{"version_value": "All Jetson Linux versions prior to r32.6.1"}]}}]}, "vendor_name": "NVIDIA"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Bootloader contains a vulnerability in the NV3P server where any user with physical access through USB can trigger an incorrect bounds check, which may lead to buffer overflow, resulting in limited information disclosure, limited data integrity, and denial of service across all components."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer"}]}]}, "references": {"reference_data": [{"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216", "refsource": "CONFIRM", "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216"}]}, "source": {"discovery": "UNKNOWN"}}}}, "cveMetadata": {"assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6", "assignerShortName": "nvidia", "cveId": "CVE-2021-1111", "datePublished": "2021-08-11T21:33:04", "dateReserved": "2020-11-12T00:00:00", "dateUpdated": "2022-01-25T10:37:41", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "9E69A431-2B5A-4718-BCD2-CA2D1077641B", "versionEndExcluding": "32.6.1", "versionStartIncluding": "32.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier:-:*:*:*:*:*:*:*", "matchCriteriaId": "5DD3D2AA-2A9F-470D-BB0F-A7B7C2EC2490", "vulnerable": false}, {"criteria": "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*", "matchCriteriaId": "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479", "vulnerable": false}, {"criteria": "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*", "matchCriteriaId": "64C3FB58-08AA-4FE4-97BE-21B254BA229F", "vulnerable": false}, {"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*", "matchCriteriaId": "B0AA5976-FD71-4A53-BD4F-D342E871FEB0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Bootloader contains a vulnerability in the NV3P server where any user with physical access through USB can trigger an incorrect bounds check, which may lead to buffer overflow, resulting in limited information disclosure, limited data integrity, and denial of service across all components."}, {"lang": "es", "value": "El gestor de arranque contiene una vulnerabilidad en el servidor NV3P en la que cualquier usuario con acceso f\u00edsico a trav\u00e9s de USB puede desencadenar una comprobaci\u00f3n de l\u00edmites incorrecta, lo que puede provocar un desbordamiento del b\u00fafer, dando lugar a una divulgaci\u00f3n de informaci\u00f3n limitada, una integridad de datos limitada y una denegaci\u00f3n de servicio en todos los componentes"}], "id": "CVE-2021-1111", "lastModified": "2022-07-08T18:54:47.797", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 5.3, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 5.3, "source": "psirt@nvidia.com", "type": "Secondary"}]}, "published": "2021-08-11T22:15:08.327", "references": [{"source": "psirt@nvidia.com", "tags": ["Vendor Advisory"], "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5216"}], "sourceIdentifier": "psirt@nvidia.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-119"}], "source": "psirt@nvidia.com", "type": "Secondary"}]}