NVIDIA Jetson chipset contains a series of security holes that allow data theft, DDoS attacks

Evaluation from experts shows that these vulnerabilities can completely be abused by hackers to carry out denial of service (DDoS) attacks, and even steal the target's data, according to the report. from Threat Post.

Nvidia has now confirmed the problem and will soon release a patch in the near future. There are a total of 9 vulnerabilities, all rated at high severity. With that said, these vulnerabilities exist in the Jetson framework, so could directly affect millions of IoT devices running NVIDIA Jetson chips, including embedded systems, AI applications, and even devices. Independent automation such as robots, drones, etc.

Some of the affected products identified include Jetson Nano devices (including Jetson Nano 2GB), Xavier NX/TX1, AGX Xavier, Jetson TX2 (including Jetson TX2 NX).

The most serious flaw

Out of the 9 vulnerabilities mentioned above, CVE-2021-34372 is rated as the most severe case, which can expose the Jetson framework to attack through a buffer overflow. While the NVIDIA Security Bulletin explains that an attacker needs access to the local network to carry out such an attack, please note that that's all the hacker needs.

In other words, this is a fairly easy vulnerability to exploit. Once infiltrated, an attacker can take control of the target system by gaining permanent access to various components, not just the NVIDIA chipset, thereby manipulating or sabotaging the system.

Besides CVE-2021-34372, the remaining 8 vulnerabilities include:

1. CVE‑2021‑34380
2. CVE‑2021‑34379
3. CVE‑2021‑34378
4. CVE‑2021‑34376
5. CVE‑2021‑34377
6. CVE‑2021‑34373
7. CVE‑2021‑34374
8. CVE‑2021‑34375

It should be noted that all of these vulnerabilities have a severity rating of 7 to 7.9 on the CVSS scale. Most of the vulnerabilities affect Jetson's trusted Linux kernel and target the component's heap memory frame. From there, the chipset can be easily manipulated to create various errors. Furthermore, six of these vulnerabilities can be exploited to trigger DDoS attacks.

You've just finished reading the article "NVIDIA Jetson chipset contains a series of security holes that allow data theft, DDoS attacks" edited by the TipsMake team. You can save nvidia-jetson-chipset-contains-a-series-of-security-holes-that-allow-data-theft-ddos-attacks.pdf to your computer here to read later or print it out. We hope this article has provided you with many useful tech tips and tricks. You can search for similar articles on tips and guides. Thank you for reading and for following us regularly.