Description
Trusty contains a vulnerability in command handlers where the length of input buffers is not verified. This vulnerability can cause memory corruption, which may lead to information disclosure, escalation of privileges, and denial of service.
CVSS breakdown
CVSS 3.1
Attack Vector
Local
Attack Complexity
Low
Privileges Required
High
User Interaction
Required
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High
Affected products
- NVIDIA / NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NXAll Jetson Linux versions prior to r32.5.1 – All Jetson Linux versions prior to r32.5.1