PT-2021-20493 · Nvidia · Nvidia Mb2

Frédéric Perriot

Published

2021-06-30

Updated

2021-07-06

CVE-2021-34380

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: NVIDIA MB2 (affected versions not specified)

Description: The issue is related to a potential heap overflow in the NVIDIA MB2 bootloader, which could lead to corruption of the heap metadata. This might result in arbitrary code execution, denial of service, and information disclosure during secure boot.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

CVE-2021-34380

Affected Products

Nvidia Mb2

PT-2021-20493 · Nvidia · Nvidia Mb2

CVE-2021-34380

Weakness Enumeration

Related Identifiers

Affected Products

References · 4