CVE-2021-1071
Last modified
CVE-2021-1071 is a medium-severity vulnerability rated 5.5/10 on the CVSS scale. NVIDIA Tegra kernel in Jetson AGX Xavier Series, Jetson Xavier NX, TX1, TX2, Nano and Nano 2GB, all L4T versions prior to r32.5, contains a vulnerability in the INA3221 driver in which improper access control may lead to unauthorized users gaining access to system power usage data, which may lead to information disclosure.. EPSS estimates a 0.27% chance of exploitation in the next 30 days.
Description
NVIDIA Tegra kernel in Jetson AGX Xavier Series, Jetson Xavier NX, TX1, TX2, Nano and Nano 2GB, all L4T versions prior to r32.5, contains a vulnerability in the INA3221 driver in which improper access control may lead to unauthorized users gaining access to system power usage data, which may lead to information disclosure.
Metrics
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Nvidia | Linux For Tegra | < r32.5 |
References
- https://nvidia.custhelp.com/app/answers/detail/a_id/5147Vendor Advisory
- https://nvidia.custhelp.com/app/answers/detail/a_id/5147Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2021-1071?
How severe is CVE-2021-1071?
How do I fix CVE-2021-1071?
Are you affected by CVE-2021-1071?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST