cvelist/2021/23xxx/CVE-2021-23217.json

{
	"CVE_data_meta" : {
		"ASSIGNER" : "psirt@nvidia.com",
		"ID" : "CVE-2021-23217",
		"STATE" : "PUBLIC"
	},
	"affects" : {
		"vendor" : {
			"vendor_data" : [
				{
					"product" : {
						"product_data" : [
							{
								"product_name" : "NVIDIA GPU and Tegra hardware",
								"version" : {
									"version_data" : [
										{
											"version_value" : "Maxwell, GP100, Tegra X1, Tegra X1+, Tegra TX2"
										}
									]
								}
							}
						]
					},
					"vendor_name" : "NVIDIA"
				}
			]
		}
	},
	"data_format" : "MITRE",
	"data_type" : "CVE",
	"data_version" : "4.0",
	"description" : {
		"description_data" : [
			{
				"lang" : "eng",
				"value" : "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller, which may allow a user with elevated privileges to instantiate a DMA write operation only within a specific time window timed to corrupt code execution, which may impact confidentiality, integrity, or availability. The scope impact may extend to other components."
			}
		]
	},
	"impact" : {
		"cvss" : {
			"baseScore" : 7.5,
			"baseSeverity" : "High",
			"vectorString" : "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
			"version" : "3.1"
		}
	},
	"problemtype" : {
		"problemtype_data" : [
			{
				"description" : [
					{
						"lang" : "eng",
						"value" : "CWE 1190: DMA Device Enabled Too Early in Boot Phase"
					}
				]
			}
		]
	},
	"references" : {
		"reference_data" : [
			{
				"name" : "https://nvidia.custhelp.com/app/answers/detail/a_id/5263",
				"refsource" : "CONFIRM",
				"url" : "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"
			}
		]
	}
}
"-Synchronized-Data." 2021-02-09 21:00:40 +00:00			`{`
GPU_Tegra_Nov_2021 CVE-2021-23201, CVE-2021-23217, CVE-2021-34399, CVE-2021-1125, CVE-2021-1105, CVE-2021-1088 2021-11-20 08:19:13 -06:00			`"CVE_data_meta" : {`
			`"ASSIGNER" : "psirt@nvidia.com",`
			`"ID" : "CVE-2021-23217",`
			`"STATE" : "PUBLIC"`
			`},`
			`"affects" : {`
			`"vendor" : {`
			`"vendor_data" : [`
			`{`
			`"product" : {`
			`"product_data" : [`
			`{`
			`"product_name" : "NVIDIA GPU and Tegra hardware",`
			`"version" : {`
			`"version_data" : [`
			`{`
			`"version_value" : "Maxwell, GP100, Tegra X1, Tegra X1+, Tegra TX2"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`},`
			`"vendor_name" : "NVIDIA"`
			`}`
			`]`
			`}`
			`},`
			`"data_format" : "MITRE",`
			`"data_type" : "CVE",`
			`"data_version" : "4.0",`
			`"description" : {`
			`"description_data" : [`
			`{`
			`"lang" : "eng",`
Update CVE-2021-23201, CVE-2021-23217, CVE-2021-23219 Update CVE-2021-23201, CVE-2021-23217, CVE-2021-23219 2022-02-07 18:06:40 -06:00			`"value" : "NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller, which may allow a user with elevated privileges to instantiate a DMA write operation only within a specific time window timed to corrupt code execution, which may impact confidentiality, integrity, or availability. The scope impact may extend to other components."`
GPU_Tegra_Nov_2021 CVE-2021-23201, CVE-2021-23217, CVE-2021-34399, CVE-2021-1125, CVE-2021-1105, CVE-2021-1088 2021-11-20 08:19:13 -06:00			`}`
			`]`
			`},`
			`"impact" : {`
			`"cvss" : {`
			`"baseScore" : 7.5,`
			`"baseSeverity" : "High",`
			`"vectorString" : "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",`
			`"version" : "3.1"`
			`}`
			`},`
			`"problemtype" : {`
			`"problemtype_data" : [`
			`{`
			`"description" : [`
			`{`
			`"lang" : "eng",`
			`"value" : "CWE 1190: DMA Device Enabled Too Early in Boot Phase"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"references" : {`
			`"reference_data" : [`
			`{`
			`"name" : "https://nvidia.custhelp.com/app/answers/detail/a_id/5263",`
			`"refsource" : "CONFIRM",`
			`"url" : "https://nvidia.custhelp.com/app/answers/detail/a_id/5263"`
			`}`
			`]`
			`}`
			`}`