» 2021 » 6월

CVE-2021-34377

Posted on 2021년 6월 30일2021년 6월 30일 by admin

CVE-2021-34377

Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 9 is missing. Improper restriction of operations within the bounds of a memory buffer might lead to escalation of privileges, information disclosure, and denial of service.

Source: CVE-2021-34377

CVE-2021-34373

Posted on 2021년 6월 30일2021년 6월 30일 by admin

CVE-2021-34373

Trusty trusted Linux kernel (TLK) contains a vulnerability in the NVIDIA TLK kernel where a lack of heap hardening could cause heap overflows, which might lead to information disclosure and denial of service.

Source: CVE-2021-34373

CVE-2021-34380

Posted on 2021년 6월 30일2021년 6월 30일 by admin

CVE-2021-34380

Bootloader contains a vulnerability in NVIDIA MB2 where potential heap overflow might cause corruption of the heap metadata, which might lead to arbitrary code execution, denial of service, and information disclosure during secure boot.

Source: CVE-2021-34380

CVE-2021-34374

Posted on 2021년 6월 30일2021년 6월 30일 by admin

CVE-2021-34374

Trusty contains a vulnerability in command handlers where the length of input buffers is not verified. This vulnerability can cause memory corruption, which may lead to information disclosure, escalation of privileges, and denial of service.

Source: CVE-2021-34374

CVE-2021-34381

Posted on 2021년 6월 30일2021년 6월 30일 by admin

CVE-2021-34381

Trusty TLK contains a vulnerability in the NVIDIA TLK kernel function where a lack of checks allows the exploitation of an integer overflow on the size parameter of the tz_map_shared_mem function, which might lead to denial of service, information disclosure, or data tampering.

Source: CVE-2021-34381

CVE-2021-34375

Posted on 2021년 6월 30일2021년 6월 30일 by admin

CVE-2021-34375

Trusty contains a vulnerability in all trusted applications (TAs) where the stack cookie was not randomized, which might result in stack-based buffer overflow, leading to denial of service, escalation of privileges, and information disclosure.

Source: CVE-2021-34375

CVE-2021-34382

Posted on 2021년 6월 30일2021년 6월 30일 by admin

CVE-2021-34382

Trusty TLK contains a vulnerability in the NVIDIA TLK kernelÃ¢â‚¬â„¢s tz_map_shared_mem function where an integer overflow on the size parameter causes the request buffer and the logging buffer to overflow, allowing writes to arbitrary addresses within the kernel.

Source: CVE-2021-34382

CVE-2021-34376

Posted on 2021년 6월 30일2021년 6월 30일 by admin

CVE-2021-34376

Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 5 is missing. Improper restriction of operations within the bounds of a memory buffer might lead to denial of service, escalation of privileges, and information disclosure.

Source: CVE-2021-34376

CVE-2021-34384

Posted on 2021년 6월 30일2021년 6월 30일 by admin

CVE-2021-34384

Bootloader contains a vulnerability in NVIDIA MB2 where a potential heap overflow could cause memory corruption, which might lead to denial of service or code execution.

Source: CVE-2021-34384

CVE-2021-34383

Posted on 2021년 6월 30일2021년 6월 30일 by admin

CVE-2021-34383

Bootloader contains a vulnerability in NVIDIA MB2 where a potential heap overflow might lead to denial of service or escalation of privileges.

Source: CVE-2021-34383