NVIDIA OTE Protocol Message Parsing Code Vulnerability in Trusty

NVIDIA OTE Protocol Message Parsing Code Vulnerability in Trusty

CVE-2021-34389 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

Trusty contains a vulnerability in NVIDIA OTE protocol message parsing code, which is present in all the TAs. An incorrect bounds check can allow a local user through a malicious client to access memory from the heap in the TrustZone, which may lead to information disclosure.

Learn more about our User Device Pen Test.