Description
NVIDIA GPU and Tegra hardware contain a vulnerability in an internal microcontroller, which may allow a user with elevated privileges to generate valid microcode by identifying, exploiting, and loading vulnerable microcode. Such an attack could lead to information disclosure, data corruption, or denial of service of the device. The scope may extend to other components.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://nvidia.custhelp.com/app/answers/detail/a_id/5263
Scores
CVSS v3
7.5
EPSS
0.0011
EPSS Percentile
29.6%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Details
Status
published
Products (35)
nvidia/geforce_gtx_950
nvidia/geforce_gtx_960
nvidia/geforce_gtx_970
nvidia/geforce_gtx_980
nvidia/geforce_gtx_titan_x
nvidia/jetson_nano
(3 CPE variants)
nvidia/jetson_tx1
nvidia/quadro_m1000m
nvidia/quadro_m1200
nvidia/quadro_m2000
... and 25 more
Published
Nov 20, 2021
Tracked Since
Feb 18, 2026