{ "CVE_data_meta": { "ASSIGNER": "psirt@nvidia.com", "ID": "CVE-2021-34380", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "NVIDIA Jetson TX1, TX2 series, TX2 NX, AGX Xavier series, Xavier NX, Nano and Nano 2GB", "version": { "version_data": [ { "version_value": "All Jetson Linux versions prior to r32.5.1" } ] } } ] }, "vendor_name": "NVIDIA" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Bootloader contains a vulnerability in NVIDIA MB2 where potential heap overflow might cause corruption of the heap metadata, which might lead to arbitrary code execution, denial of service, and information disclosure during secure boot." } ] }, "generator": { "engine": "Vulnogram 0.0.9" }, "impact": { "cvss": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "information disclosure, escalation of privileges, denial of service" } ] } ] }, "references": { "reference_data": [ { "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205", "refsource": "CONFIRM", "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5205" } ] }, "source": { "discovery": "UNKNOWN" } }