CVE-2021-34389

MEDIUM

Nvidia Jetson Linux < 32.5.1 - Memory Leak

Title source: rule

Description

Trusty contains a vulnerability in NVIDIA OTE protocol message parsing code, which is present in all the TAs. An incorrect bounds check can allow a local user through a malicious client to access memory from the heap in the TrustZone, which may lead to information disclosure.

References (1)

[Vendor Advisory] https://nvidia.custhelp.com/app/answers/detail/a_id/5205

Scores

CVSS v3 5.0

EPSS 0.0005

EPSS Percentile 15.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

Classification

CWE

CWE-401

Status published

Affected Products (1)

nvidia/jetson_linux < 32.5.1

Timeline

Published Jun 21, 2021

Tracked Since Feb 18, 2026