CVE-2021-34393

Summary

CVE	CVE-2021-34393
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2021-06-22 22:15:00 UTC
Updated	2021-06-29 19:50:00 UTC
Description	Trusty contains a vulnerability in TSEC TA which deserializes the incoming messages even though the TSEC TA does not expose any command. This vulnerability might allow an attacker to exploit the deserializer to impact code execution, causing information disclosure.

Risk And Classification

Problem Types: CWE-502

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Hardware	Nvidia	Jetson Agx Xavier 16gb	-	All	All	All
Hardware	Nvidia	Jetson Agx Xavier 32gb	-	All	All	All
Hardware	Nvidia	Jetson Agx Xavier 8gb	-	All	All	All
Operating System	Nvidia	Jetson Linux	All	All	All	All
Hardware	Nvidia	Jetson Tx1	-	All	All	All
Hardware	Nvidia	Jetson Tx2	-	All	All	All
Hardware	Nvidia	Jetson Tx2i	-	All	All	All
Hardware	Nvidia	Jetson Tx2 4gb	-	All	All	All
Hardware	Nvidia	Jetson Tx2 Nx	-	All	All	All
Hardware	Nvidia	Jetson Xavier Nx	-	All	developer_kit	All
Hardware	Nvidia	Jetson Xavier Nx	-	All	production	All

References

Reference	Source	Link	Tags
Security Bulletin: NVIDIA Jetson AGX Xavier Series, Jetson Xavier NX, Jetson TX1, Jetson TX2 Series (including Jetson TX2 NX), and Jetson Nano (including Jetson Nano 2GB) - June 2021 \| NVIDIA	CONFIRM	nvidia.custhelp.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.