Unauthorized Access to System Power Usage Data in NVIDIA Tegra Kernel

Unauthorized Access to System Power Usage Data in NVIDIA Tegra Kernel

CVE-2021-1071 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

NVIDIA Tegra kernel in Jetson AGX Xavier Series, Jetson Xavier NX, TX1, TX2, Nano and Nano 2GB, all L4T versions prior to r32.5, contains a vulnerability in the INA3221 driver in which improper access control may lead to unauthorized users gaining access to system power usage data, which may lead to information disclosure.

Learn more about our User Device Pen Test.