CVE-2021-23217

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 20-11-2021 04:15

Last modified: - 24-02-2022 08:13

Total changes: - 4

Description

NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller, which may allow a user with elevated privileges to instantiate a DMA write operation only within a specific time window timed to corrupt code execution, which may impact confidentiality, integrity, or availability. The scope impact may extend to other components.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

High

Attack complexity

Local

Attack vector

High

Availability

High

Confidentiality

High

Integrity

High

Privileges required

Changed

Scope

None

User interaction

7.5

Base score

0.8

6.0

Exploitability score

Impact score

Verification logic

AND

vendor=nvidia AND product=geforce_gt_605 AND version=-

vendor=nvidia AND product=geforce_gt_610 AND version=-

vendor=nvidia AND product=geforce_gt_620 AND version=-

vendor=nvidia AND product=geforce_gt_625 AND version=-

vendor=nvidia AND product=geforce_gt_630 AND version=-

vendor=nvidia AND product=geforce_gt_635 AND version=-

vendor=nvidia AND product=geforce_gt_640 AND version=-

vendor=nvidia AND product=geforce_gt_705 AND version=-

vendor=nvidia AND product=geforce_gt_710 AND version=-

vendor=nvidia AND product=geforce_gt_720 AND version=-

vendor=nvidia AND product=geforce_gt_730 AND version=-

vendor=nvidia AND product=geforce_gt_740 AND version=-

vendor=nvidia AND product=geforce_gtx_645 AND version=-

vendor=nvidia AND product=geforce_gtx_650 AND version=-

vendor=nvidia AND product=geforce_gtx_650_ti AND version=-

vendor=nvidia AND product=geforce_gtx_650_ti_boost AND version=-

vendor=nvidia AND product=geforce_gtx_660 AND version=-

vendor=nvidia AND product=geforce_gtx_660_ti AND version=-

vendor=nvidia AND product=geforce_gtx_670 AND version=-

vendor=nvidia AND product=geforce_gtx_680 AND version=-

vendor=nvidia AND product=geforce_gtx_690 AND version=-

vendor=nvidia AND product=geforce_gtx_745 AND version=-

vendor=nvidia AND product=geforce_gtx_750 AND version=-

vendor=nvidia AND product=geforce_gtx_750_ti AND version=-

vendor=nvidia AND product=geforce_gtx_760 AND version=-

vendor=nvidia AND product=geforce_gtx_760_ti AND version=-

vendor=nvidia AND product=geforce_gtx_770 AND version=-

vendor=nvidia AND product=geforce_gtx_780 AND version=-

vendor=nvidia AND product=geforce_gtx_780_ti AND version=-

vendor=nvidia AND product=geforce_gtx_950 AND version=-

vendor=nvidia AND product=geforce_gtx_960 AND version=-

vendor=nvidia AND product=geforce_gtx_970 AND version=-

vendor=nvidia AND product=geforce_gtx_980 AND version=-

vendor=nvidia AND product=geforce_gtx_titan_x AND version=-

vendor=nvidia AND product=gtx_titan AND version=-

vendor=nvidia AND product=gtx_titan_black AND version=-

vendor=nvidia AND product=gtx_titan_z AND version=-

vendor=nvidia AND product=jetson_nano AND version=-

vendor=nvidia AND product=jetson_nano AND version=- AND edition=-

vendor=nvidia AND product=jetson_nano AND version=- AND edition=developer_kit

vendor=nvidia AND product=jetson_tx1 AND version=-

vendor=nvidia AND product=quadro_m1000m AND version=-

vendor=nvidia AND product=quadro_m1200 AND version=-

vendor=nvidia AND product=quadro_m2000 AND version=-

vendor=nvidia AND product=quadro_m2000m AND version=-

vendor=nvidia AND product=quadro_m2200 AND version=-

vendor=nvidia AND product=quadro_m3000m AND version=-

vendor=nvidia AND product=quadro_m4000 AND version=-

vendor=nvidia AND product=quadro_m4000m AND version=-

vendor=nvidia AND product=quadro_m5000 AND version=-

vendor=nvidia AND product=quadro_m5000m AND version=-

vendor=nvidia AND product=quadro_m500m AND version=-

vendor=nvidia AND product=quadro_m520 AND version=-

vendor=nvidia AND product=quadro_m5500 AND version=-

vendor=nvidia AND product=quadro_m6000 AND version=-

vendor=nvidia AND product=quadro_m600m AND version=-

vendor=nvidia AND product=quadro_m620 AND version=-

vendor=nvidia AND product=shield_tv AND version=-

vendor=nvidia AND product=shield_tv_pro AND version=-

vendor=nvidia AND product=tesla_m10 AND version=-

vendor=nvidia AND product=tesla_m4 AND version=-

vendor=nvidia AND product=tesla_m40 AND version=-

vendor=nvidia AND product=tesla_m6 AND version=-

vendor=nvidia AND product=tesla_m60 AND version=-

vendor=nvidia AND product=tesla_p100 AND version=-

vendor=linux AND product=linux_kernel AND version=-

vendor=microsoft AND product=windows AND version=-

Reference

https://nvidia.custhelp.com/app/answers/detail/a_id/5263

Keywords

CVE-2021-23217

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

NVD

CVE-2021-23217

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures