NVIDIA GPU and Tegra hardware contain a vulnerability in an internal microcontroller, which may allow a user with elevated privileges to generate valid microcode by identifying, exploiting, and loading vulnerable microcode. Such an attack could lead to information disclosure, data corruption, or denial of service of the device. The scope may extend to other components.

Metrics

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:M/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Linux
  • Linux Kernel
Microsoft
  • Windows
Nvidia
  • Geforce Gtx 950
  • Geforce Gtx 960
  • Geforce Gtx 970
  • Geforce Gtx 980
  • Geforce Gtx Titan X
  • Jetson Nano
  • Jetson Tx1
  • Quadro M1000m
  • Quadro M1200
  • Quadro M2000
  • Quadro M2000m
  • Quadro M2200
  • Quadro M3000m
  • Quadro M4000
  • Quadro M4000m
  • Quadro M5000
  • Quadro M5000m
  • Quadro M500m
  • Quadro M520
  • Quadro M5500
  • Quadro M6000
  • Quadro M600m
  • Quadro M620
  • Shield Tv
  • Shield Tv Pro
  • Tesla M10
  • Tesla M2050
  • Tesla M2070
  • Tesla M2070q
  • Tesla M2090
  • Tesla M4
  • Tesla M40
  • Tesla M6
  • Tesla M60
  • Tesla P100

Configuration 1 [-]

AND
OR cpe:2.3:h:nvidia:geforce_gtx_950:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:geforce_gtx_960:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:geforce_gtx_970:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:geforce_gtx_980:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:geforce_gtx_titan_x:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_nano:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_nano:-:*:-:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_nano:-:*:developer_kit:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:quadro_m1000m:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:quadro_m1200:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:quadro_m2000:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:quadro_m2000m:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:quadro_m2200:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:quadro_m3000m:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:quadro_m4000:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:quadro_m4000m:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:quadro_m5000:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:quadro_m5000m:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:quadro_m500m:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:quadro_m520:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:quadro_m5500:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:quadro_m6000:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:quadro_m600m:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:quadro_m620:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:shield_tv:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:shield_tv_pro:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:tesla_m10:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:tesla_m2050:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:tesla_m2070:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:tesla_m2070q:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:tesla_m2090:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:tesla_m4:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:tesla_m40:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:tesla_m6:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:tesla_m60:-:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:tesla_p100:-:*:*:*:*:*:*:*
OR cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

No data.

References
Link Providers
https://nvidia.custhelp.com/app/answers/detail/a_id/5263 cve-icon cve-icon
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: nvidia

Published: 2021-11-20T14:55:21

Updated: 2024-08-03T19:05:55.376Z

Reserved: 2021-02-09T00:00:00

Link: CVE-2021-23201

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2021-11-20T15:15:07.840

Modified: 2022-02-24T19:13:40.897

Link: CVE-2021-23201

cve-icon Redhat

No data.