CVE-2021-23217 Information

Description

NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to instantiate a DMA write operation only within a specific time window timed to corrupt code execution which may impact confidentiality integrity or availability. The scope impact may extend to other components.

CVSS Vector

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

Reference

https://nvidia.custhelp.com/app/answers/detail/a_id/5263

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction Required

HIGH

Scope

NONE

Confidentiality Impact

CHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

7.5