{ "CVE_data_meta": { "ASSIGNER": "psirt@nvidia.com", "ID": "CVE-2021-34374", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX", "version": { "version_data": [ { "version_value": "All Jetson Linux versions prior to r32.5.1" } ] } } ] }, "vendor_name": "NVIDIA" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Trusty contains a vulnerability in command handlers where the length of input buffers is not verified. This vulnerability can cause memory corruption, which may lead to information disclosure, escalation of privileges, and denial of service." } ] }, "generator": { "engine": "Vulnogram 0.0.9" }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "information disclosure, escalation of privileges, denial of service" } ] } ] }, "references": { "reference_data": [ { "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", "refsource": "CONFIRM", "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205" } ] }, "source": { "discovery": "UNKNOWN" } }