Strix
26.1K

CVE-2021-23217

HIGHCVSS 7.5/10EPSS 0.30%

Last modified

CVE-2021-23217 is a high-severity vulnerability rated 7.5/10 on the CVSS scale. NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller, which may allow a user with elevated privileges to instantiate a DMA write operation only within a specific time window timed to corrupt code execution, which may impact confidentiality, integrity, or availability. The scope impact may extend to other components.. EPSS estimates a 0.30% chance of exploitation in the next 30 days.

Description

NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller, which may allow a user with elevated privileges to instantiate a DMA write operation only within a specific time window timed to corrupt code execution, which may impact confidentiality, integrity, or availability. The scope impact may extend to other components.

Metrics

CVSS 3.1
7.5/10

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

EPSS Probability
0.30%

21.8th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

VendorProductVersions
NvidiaGeforce Gt 605All versions
NvidiaGeforce Gt 610All versions
NvidiaGeforce Gt 620All versions
NvidiaGeforce Gt 625All versions
NvidiaGeforce Gt 630All versions
NvidiaGeforce Gt 635All versions
NvidiaGeforce Gt 640All versions
NvidiaGeforce Gt 705All versions
NvidiaGeforce Gt 710All versions
NvidiaGeforce Gt 720All versions
NvidiaGeforce Gt 730All versions
NvidiaGeforce Gt 740All versions
NvidiaGeforce Gtx 645All versions
NvidiaGeforce Gtx 650All versions
NvidiaGeforce Gtx 650 TiAll versions
NvidiaGeforce Gtx 650 Ti BoostAll versions
NvidiaGeforce Gtx 660All versions
NvidiaGeforce Gtx 660 TiAll versions
NvidiaGeforce Gtx 670All versions
NvidiaGeforce Gtx 680All versions
NvidiaGeforce Gtx 690All versions
NvidiaGeforce Gtx 745All versions
NvidiaGeforce Gtx 750All versions
NvidiaGeforce Gtx 750 TiAll versions
NvidiaGeforce Gtx 760All versions
NvidiaGeforce Gtx 760 TiAll versions
NvidiaGeforce Gtx 770All versions
NvidiaGeforce Gtx 780All versions
NvidiaGeforce Gtx 780 TiAll versions
NvidiaGeforce Gtx 950All versions
NvidiaGeforce Gtx 960All versions
NvidiaGeforce Gtx 970All versions
NvidiaGeforce Gtx 980All versions
NvidiaGeforce Gtx Titan XAll versions
NvidiaGtx TitanAll versions
NvidiaGtx Titan BlackAll versions
NvidiaGtx Titan ZAll versions
NvidiaJetson NanoAll versions
NvidiaJetson Tx1All versions
NvidiaQuadro M1000mAll versions
NvidiaQuadro M1200All versions
NvidiaQuadro M2000All versions
NvidiaQuadro M2000mAll versions
NvidiaQuadro M2200All versions
NvidiaQuadro M3000mAll versions
NvidiaQuadro M4000All versions
NvidiaQuadro M4000mAll versions
NvidiaQuadro M5000All versions
NvidiaQuadro M5000mAll versions
NvidiaQuadro M500mAll versions

Showing 50 of 63 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2021-23217?
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller, which may allow a user with elevated privileges to instantiate a DMA write operation only within a specific time window timed to corrupt code execution, which may impact confidentiality, integrity, or availability. The scope impact may extend to other components.
How severe is CVE-2021-23217?
CVE-2021-23217 has a CVSS score of 7.5/10 (HIGH severity). The EPSS model estimates a 0.30% probability of exploitation in the next 30 days.
How do I fix CVE-2021-23217?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2021-23217?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST