Description
Trusty contains a vulnerability in TSEC TA which deserializes the incoming messages even though the TSEC TA does not expose any command. This vulnerability might allow an attacker to exploit the deserializer to impact code execution, causing information disclosure.
CVSS breakdown
CVSS 3.1
Attack Vector
Local
Attack Complexity
Low
Privileges Required
High
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None
Affected products
- NVIDIA / NVIDIA Jetson TX2 series, TX2 NX, AGX Xavier series, Xavier NXAll Jetson Linux versions prior to r32.5.1 – All Jetson Linux versions prior to r32.5.1