Headline
CVE-2021-34400: Security Notice: NVIDIA GPU and Tegra Hardware - November 2021
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to gain access to information from unscrubbed memory, which may lead to information disclosure.
Details
This section provides a summary of potential vulnerabilities and their impact. Descriptions use CWE™, and base scores and vectors use CVSS v3.1 standards.
Note:
- Ampere products are not impacted.
- In an environment where the GPU is virtualized (for example, vGPU), you are not impacted.
- If the hypervisor is compromised or you have direct GPU access with bare metal or pass through, Turing, Volta, Pascal or Maxwell products can be exposed.
- Tegra X1, Tegra X1+, Tegra TX2 and Xavier products are impacted.
- In all cases, an attacker requires OS administrative/kernel rights.
CVE ID
Description
Base Score
Vector
CVE‑2021‑23201
NVIDIA GPU and Tegra hardware contain a vulnerability in an internal microcontroller which may allow a user with elevated privileges to generate valid microcode. This could lead to information disclosure, data corruption, or denial of service of the device.
7.5
AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
CVE‑2021‑23217
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to instantiate a specifically timed DMA write to corrupt code execution, which may impact confidentiality, integrity, or availability.
7.5
AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
CVE‑2021‑34400
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to gain access to information from unscrubbed memory, which may lead to information disclosure.
4.1
AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
CVE‑2021‑34399
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to gain access to information from unscrubbed registers, which may lead to information disclosure.
4.1
AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
CVE‑2021‑23219
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to access protected information, which may lead to information disclosure.
4.1
AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
CVE‑2021‑1125
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to corrupt program data.
4.1
AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N
CVE‑2021‑1105
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to access debug registers during runtime, which may lead to information disclosure.
4.1
AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
CVE‑2021‑1088
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to utilize debug mechanisms with insufficient access control, which may lead to information disclosure.
4.1
AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
The NVIDIA risk assessment is based on an average of risk across a diverse set of installed systems and may not represent the true risk to your local installation. NVIDIA recommends consulting a security or IT professional to evaluate the risk to your specific configuration.
**Affected NVIDIA Products **
Note: Ampere products are not affected
CVE IDs by Hardware Architecture
CVE IDs
Hardware Architecture Type*
CVE‑2021‑1125
Maxwell, Pascal, Volta, Tegra X1, Tegra X1+, Tegra TX2, Xavier
CVE‑2021‑23217
Maxwell, GP100, Tegra X1, Tegra X1+, Tegra TX2
CVE‑2021‑23219
Maxwell (except GM206), Tegra X1, Tegra X1+
CVE‑2021‑23201
CVE‑2021‑34400
CVE‑2021‑34399
CVE‑2021‑1105
CVE‑2021‑1088
Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier
*These vulnerabilities impact both Windows and Linux operating systems
The following table lists NVIDIA products affected.
Product Category
Hardware Architecture Type*
Impacted
Notes
GPU
Turing, Volta, Pascal, Maxwell
Yes
GPU
Kepler
No
Kepler does not contain security features impacted by these vulnerabilities
GPU
Ampere
No
Tegra SoC
Tegra X1, Tegra X1+, Tegra TX2, Xavier
Yes
*See the table below for the product names corresponding to the architecture for each segment.
Affected NVIDIA Products by Hardware Architecture****Consumer and Commercial Client (GeForce, NVIDIA RTX) GPU Solutions
Hardware Architecture
Product Name
Turing
GeForce RTX 20-series, GeForce GTX 16-series, Titan RTX
Volta
Titan V Series
Pascal (except P100)
GeForce GTX 10-series, Titan X, Titan Xp
Maxwell, Pascal P100
GeForce 900-series, GeForce GTX Titan X
Kepler
GeForce 600-series, GeForce 700-series, GTX Titan, GTX Titan Black, GTX Titan Z
Data Center and Edge (Tesla) GPU Solutions
Hardware Architecture
Product Name
Turing
NVIDIA T4
Volta
Tesla V100 (16GB, 32GB), Tesla V100S, HGX-2
Pascal (except GP100)
Tesla P40, Tesla P6, Tesla P4
Maxwell, Pascal GP100
Tesla P100 (12GB, 16GB) Tesla M_xx_, Tesla M_xxxx_
Kepler
Tesla Kxx/Kxxx, GRID Kx/Kxxx
Professional Visualization (Quadro/NVIDIA RTX) GPU Solutions
Hardware Architecture
Product Name
Turing
NVIDIA Quadro RTX_xxxx_, NVIDIA Quadro T-series, NVIDIA T-series
Volta
NVIDIA Quadro GV100
Pascal (except GP100)
NVIDIA Quadro P-series (P_xx_/P_xxx_)
Maxwell, Pascal GP100
NVIDIA Quadro M-series (M_xx_/M_xxx_)
Kepler
NVIDIA Quadro K-series (K_xx_/K_xxx_)
Jetson Products
Hardware Architecture
Product Name
Xavier
Jetson Xavier Series, Jetson Xavier NX
Tegra TX2
Jetson TX2 Series
Tegra X1
Jetson Nano Series, Jetson TX1
**Shield TV **
Hardware Architecture
Product Name
Tegra X1, Tegra X1+
SHIELD TV - All Versions
DGX Systems
Hardware Architecture
Product Name
Volta
NVIDIA DGX-1 (with V100), NVIDIA DGX-2, NVIDIA DGX Station
Pascal GP100
NVIDIA DGX-1 (with P100)
NVIDIA DRIVE Constellation
Hardware Architecture
Product Name
Turing
NVIDIA DRIVE Constellation
Mitigations
NVIDIA recommends following security best practices for managing access to computer systems. Limit administrative and kernel access to trusted users only.
Get the Most Up to Date Product Security Information
Visit the NVIDIA Product Security page to
- Subscribe to security bulletin notifications
- See the current list of NVIDIA security bulletins
- Report a potential security issue in any NVIDIA supported product
- Learn more about the vulnerability management process followed by the NVIDIA Product Security Incident Response Team (PSIRT)
Revision History
Revision
Date
Description
1.0
November 19, 2021
Initial release
Support
If you have any questions about this security bulletin, contact NVIDIA Support.
Disclaimer
ALL NVIDIA INFORMATION, DESIGN SPECIFICATIONS, REFERENCE BOARDS, FILES, DRAWINGS, DIAGNOSTICS, LISTS, AND OTHER DOCUMENTS (TOGETHER AND SEPARATELY, “MATERIALS”) ARE BEING PROVIDED “AS IS.” NVIDIA MAKES NO WARRANTIES, EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE WITH RESPECT TO THE MATERIALS, AND ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OR CONDITION OF TITLE, MERCHANTABILITY, SATISFACTORY QUALITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT, ARE HEREBY EXCLUDED TO THE MAXIMUM EXTENT PERMITTED BY LAW.
Information is believed to be accurate and reliable at the time it is furnished. However, NVIDIA Corporation assumes no responsibility for the consequences of use of such information or for any infringement of patents or other rights of third parties that may result from its use. No license is granted by implication or otherwise under any patent or patent rights of NVIDIA Corporation. Specifications mentioned in this publication are subject to change without notice. This publication supersedes and replaces all information previously supplied. NVIDIA Corporation products are not authorized for use as critical components in life support devices or systems without express written approval of NVIDIA Corporation.