Home News NVIDIA Jetson Chipsets Found Vulnerable to High-severity Flaws

    NVIDIA Jetson Chipsets Found Vulnerable to High-severity Flaws


    nvidia jetson nano

    U.S. graphics chip specialist NVIDIA has launched software updates to deal with a complete of 26 vulnerabilities impacting its Jetson system-on-module (SOM) collection that might be abused by adversaries to escalate privileges and even result in denial-of-service and data disclosure.

    Stack Overflow Teams

    Tracked from CVE‑2021‑34372 by way of CVE‑2021‑34397, the issues have an effect on merchandise Jetson TX1, TX2 collection, TX2 NX, AGX Xavier collection, Xavier NX, and Nano and Nano 2GB working all Jetson Linux variations previous to 32.5.1. The corporate credited Frédéric Perriot of Apple Media Merchandise for reporting all the problems.

    nvidia jetson nano

    The NVIDIA Jetson line consists of embedded Linux AI and laptop imaginative and prescient compute modules and developer kits that primarily caters to AI-based laptop imaginative and prescient purposes and autonomous programs akin to cell robots and drones.

    nvidia jetson nano

    Chief among the many vulnerabilities is CVE‑2021‑34372 (CVSS rating: 8.2), a buffer overflow flaw in its Trusty trusted execution atmosphere (TEE) that would end in data disclosure, escalation of privileges, and denial-of-service.

    Prevent Data Breaches

    Eight different essential weaknesses contain reminiscence corruption, stack overflows, and lacking bounds checks within the TEE in addition to heap overflows affecting the Bootloader that would result in arbitrary code execution, denial-of-service, and data disclosure. The remainder of the issues, additionally associated to Trusty and Bootloader, might be exploited to affect code execution, inflicting denial-of-service and data disclosure, the corporate famous.

    “Earlier software program department releases that help this product are additionally affected,” NVIDIA stated. “If you’re utilizing an earlier department launch, improve to the newest 32.5.1 launch. If you’re utilizing the 32.5.1 launch, replace to the newest Debian packages.”

    Source link