Vulnerability Change Records for CVE-2021-34394

Change History

CVE Modified by NVIDIA Corporation 7/16/2021 7:15:08 PM

Action Type Old Value New Value
Changed Description
Trusty contains a vulnerability in all TAs whose deserializer does not reject messages with multiple occurrences of the same parameter. The deserialization of untrusted data might allow an attacker to exploit the deserializer to impact code execution.
Trusty contains a vulnerability in the NVIDIA OTE protocol that is present in all TAs. An incorrect message stream deserialization allows an attacker to use the malicious CA that is run by the user to cause the buffer overflow, which may lead to information disclosure and data modification.

Modified Analysis 9/20/2021 3:2:58 PM

Action Type Old Value New Value