Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2021-1070

Опубликовано: 26 янв. 2021
Источник: nvd
CVSS3: 7.1
CVSS2: 3.6
EPSS Низкий

Описание

NVIDIA Jetson AGX Xavier Series, Jetson Xavier NX, TX1, TX2, Nano and Nano 2GB, L4T versions prior to 32.5, contains a vulnerability in the apply_binaries.sh script used to install NVIDIA components into the root file system image, in which improper access control is applied, which may lead to an unprivileged user being able to modify system device tree files, leading to denial of service.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:nvidia:linux_for_tegra:*:*:*:*:*:*:*:*
Версия до r32.5 (исключая)

Одно из

cpe:2.3:h:nvidia:jetson_agx_xavier:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_nano:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_nano_2gb:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*

EPSS

Процентиль: 14%
0.00045
Низкий

7.1 High

CVSS3

3.6 Low

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

github логотип

GHSA-4q38-pc3j-9fmc

github
больше 3 лет назад

NVIDIA Jetson AGX Xavier Series, Jetson Xavier NX, TX1, TX2, Nano and Nano 2GB, L4T versions prior to 32.5, contains a vulnerability in the apply_binaries.sh script used to install NVIDIA components into the root file system image, in which improper access control is applied, which may lead to an unprivileged user being able to modify system device tree files, leading to denial of service.

EPSS

Процентиль: 14%
0.00045
Низкий

7.1 High

CVSS3

3.6 Low

CVSS2

Дефекты

NVD-CWE-Other