CVE-2021-23219 - Vulnerability Details

NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller, which may allow a user with elevated privileges to access protected information by identifying, exploiting, and loading vulnerable microcode. Such an attack may lead to information disclosure.

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

This CVE is not in the KEV list.

The EPSS score is 0.00053.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel
Microsoft	Windows
Nvidia	Dgx-1 P100 Dgx-1 V100 Dgx-2 Dgx Station A100 Drive Constellation Geforce Gt 605 Geforce Gt 610 Geforce Gt 620 Geforce Gt 625 Geforce Gt 630 Geforce Gt 635 Geforce Gt 640 Geforce Gt 705 Geforce Gt 710 Geforce Gt 720 Geforce Gt 730 Geforce Gt 740 Geforce Gtx 1050 Geforce Gtx 1050 Ti Geforce Gtx 1060 Geforce Gtx 1070 Geforce Gtx 1070 Ti Geforce Gtx 1080 Geforce Gtx 1080 Ti Geforce Gtx 1650 Geforce Gtx 1650 Super Geforce Gtx 1660 Geforce Gtx 1660 Super Geforce Gtx 1660 Ti Geforce Gtx 645 Geforce Gtx 650 Geforce Gtx 650 Ti Geforce Gtx 650 Ti Boost Geforce Gtx 660 Geforce Gtx 660 Ti Geforce Gtx 670 Geforce Gtx 680 Geforce Gtx 690 Geforce Gtx 745 Geforce Gtx 750 Geforce Gtx 750 Ti Geforce Gtx 760 Geforce Gtx 760 Ti Geforce Gtx 770 Geforce Gtx 780 Geforce Gtx 780 Ti Geforce Gtx 950 Geforce Gtx 960 Geforce Gtx 970 Geforce Gtx 980 Geforce Gtx Titan X Geforce Rtx 2060 Geforce Rtx 2060 Super Geforce Rtx 2070 Geforce Rtx 2070 Super Geforce Rtx 2080 Geforce Rtx 2080 Super Geforce Rtx 2080 Ti Gtx Titan Gtx Titan Black Gtx Titan Z Jetson Agx Xavier 16gb Jetson Agx Xavier 32gb Jetson Agx Xavier 8gb Jetson Nano Jetson Tx1 Jetson Tx2 Jetson Tx2 4gb Jetson Tx2 Nx Jetson Tx2i Jetson Xavier Nx Nvidia Hgx-2 Nvidia T1000 Nvidia T2000 Nvidia T4 Nvidia T400 Nvidia T600 Quadro Gv100 Quadro M1000m Quadro M1200 Quadro M2000 Quadro M2000m Quadro M2200 Quadro M3000m Quadro M4000 Quadro M4000m Quadro M5000 Quadro M5000m Quadro M500m Quadro M520 Quadro M5500 Quadro M6000 Quadro M600m Quadro M620 Quadro P1000 Quadro P2000 Quadro P2200 Quadro P3000 Quadro P3200 Quadro P400 Quadro P4000 Quadro P4200 Quadro P500 Quadro P5000 Quadro P520 Quadro P5200 Quadro P600 Quadro P6000 Quadro P620 Quadro Rtx 3000 Quadro Rtx 4000 Quadro Rtx 5000 Quadro Rtx 6000 Quadro Rtx 8000 Quadro T1000 Quadro T2000 Quadro T400 Quadro T600 Shield Tv Shield Tv Pro Tesla M10 Tesla M4 Tesla M40 Tesla M6 Tesla M60 Tesla P100 Tesla P4 Tesla P40 Tesla P6 Tesla V100 Tesla V100s Titan Rtx Titan V Titan X Titan Xp

Configuration 1 [-]

AND

OR	cpe:2.3:h:nvidia:dgx-1_p100:-:::::::*
	cpe:2.3:h:nvidia:dgx-1_v100:-:::::::*
	cpe:2.3:h:nvidia:dgx-2:-:::::::*
	cpe:2.3:h:nvidia:dgx_station_a100:-:::::::*
	cpe:2.3:h:nvidia:drive_constellation:-:::::::*
	cpe:2.3:h:nvidia:geforce_gt_605:-:::::::*
	cpe:2.3:h:nvidia:geforce_gt_610:-:::::::*
	cpe:2.3:h:nvidia:geforce_gt_620:-:::::::*
	cpe:2.3:h:nvidia:geforce_gt_625:-:::::::*
	cpe:2.3:h:nvidia:geforce_gt_630:-:::::::*
	cpe:2.3:h:nvidia:geforce_gt_635:-:::::::*
	cpe:2.3:h:nvidia:geforce_gt_640:-:::::::*
	cpe:2.3:h:nvidia:geforce_gt_705:-:::::::*
	cpe:2.3:h:nvidia:geforce_gt_710:-:::::::*
	cpe:2.3:h:nvidia:geforce_gt_720:-:::::::*
	cpe:2.3:h:nvidia:geforce_gt_730:-:::::::*
	cpe:2.3:h:nvidia:geforce_gt_740:-:::::::*
	cpe:2.3:h:nvidia:geforce_gtx_1050:-:::::::*
	cpe:2.3:h:nvidia:geforce_gtx_1050_ti:-:::::::*
	cpe:2.3:h:nvidia:geforce_gtx_1060:-:::::::*
	cpe:2.3:h:nvidia:geforce_gtx_1070:-:::::::*
	cpe:2.3:h:nvidia:geforce_gtx_1070_ti:-:::::::*
	cpe:2.3:h:nvidia:geforce_gtx_1080:-:::::::*
	cpe:2.3:h:nvidia:geforce_gtx_1080_ti:-:::::::*
	cpe:2.3:h:nvidia:geforce_gtx_1650:-:::::::*
	cpe:2.3:h:nvidia:geforce_gtx_1650_super:-:::::::*
	cpe:2.3:h:nvidia:geforce_gtx_1660:-:::::::*
	cpe:2.3:h:nvidia:geforce_gtx_1660_super:-:::::::*
	cpe:2.3:h:nvidia:geforce_gtx_1660_ti:-:::::::*
	cpe:2.3:h:nvidia:geforce_gtx_645:-:::::::*
	cpe:2.3:h:nvidia:geforce_gtx_650:-:::::::*
	cpe:2.3:h:nvidia:geforce_gtx_650_ti:-:::::::*
	cpe:2.3:h:nvidia:geforce_gtx_650_ti_boost:-:::::::*
	cpe:2.3:h:nvidia:geforce_gtx_660:-:::::::*
	cpe:2.3:h:nvidia:geforce_gtx_660_ti:-:::::::*
	cpe:2.3:h:nvidia:geforce_gtx_670:-:::::::*
	cpe:2.3:h:nvidia:geforce_gtx_680:-:::::::*
	cpe:2.3:h:nvidia:geforce_gtx_690:-:::::::*
	cpe:2.3:h:nvidia:geforce_gtx_745:-:::::::*
	cpe:2.3:h:nvidia:geforce_gtx_750:-:::::::*
	cpe:2.3:h:nvidia:geforce_gtx_750_ti:-:::::::*
	cpe:2.3:h:nvidia:geforce_gtx_760:-:::::::*
	cpe:2.3:h:nvidia:geforce_gtx_760_ti:-:::::::*
	cpe:2.3:h:nvidia:geforce_gtx_770:-:::::::*
	cpe:2.3:h:nvidia:geforce_gtx_780:-:::::::*
	cpe:2.3:h:nvidia:geforce_gtx_780_ti:-:::::::*
	cpe:2.3:h:nvidia:geforce_gtx_950:-:::::::*
	cpe:2.3:h:nvidia:geforce_gtx_960:-:::::::*
	cpe:2.3:h:nvidia:geforce_gtx_970:-:::::::*
	cpe:2.3:h:nvidia:geforce_gtx_980:-:::::::*
	cpe:2.3:h:nvidia:geforce_gtx_titan_x:-:::::::*
	cpe:2.3:h:nvidia:geforce_rtx_2060:-:::::::*
	cpe:2.3:h:nvidia:geforce_rtx_2060_super:-:::::::*
	cpe:2.3:h:nvidia:geforce_rtx_2070:-:::::::*
	cpe:2.3:h:nvidia:geforce_rtx_2070_super:-:::::::*
	cpe:2.3:h:nvidia:geforce_rtx_2080:-:::::::*
	cpe:2.3:h:nvidia:geforce_rtx_2080_super:-:::::::*
	cpe:2.3:h:nvidia:geforce_rtx_2080_ti:-:::::::*
	cpe:2.3:h:nvidia:gtx_titan:-:::::::*
	cpe:2.3:h:nvidia:gtx_titan_black:-:::::::*
	cpe:2.3:h:nvidia:gtx_titan_z:-:::::::*
	cpe:2.3:h:nvidia:jetson_agx_xavier_16gb:-:::::::*
	cpe:2.3:h:nvidia:jetson_agx_xavier_32gb:-:::::::*
	cpe:2.3:h:nvidia:jetson_agx_xavier_8gb:-:::::::*
cpe:2.3:h:nvidia:jetson_nano:-:::::::*
cpe:2.3:h:nvidia:jetson_nano:-::-:::::
cpe:2.3:h:nvidia:jetson_nano:-::developer_kit:::::
cpe:2.3:h:nvidia:jetson_tx1:-:::::::*
cpe:2.3:h:nvidia:jetson_tx2:-:::::::*
cpe:2.3:h:nvidia:jetson_tx2_4gb:-:::::::*
cpe:2.3:h:nvidia:jetson_tx2_nx:-:::::::*
cpe:2.3:h:nvidia:jetson_tx2i:-:::::::*
cpe:2.3:h:nvidia:jetson_xavier_nx:-:::::::*
cpe:2.3:h:nvidia:jetson_xavier_nx:-::developer_kit:::::
cpe:2.3:h:nvidia:jetson_xavier_nx:-::production:::::
cpe:2.3:h:nvidia:nvidia_hgx-2:-:::::::*
cpe:2.3:h:nvidia:nvidia_t1000:-:::::::*
cpe:2.3:h:nvidia:nvidia_t2000:-:::::::*
cpe:2.3:h:nvidia:nvidia_t4:-:::::::*
cpe:2.3:h:nvidia:nvidia_t400:-:::::::*
cpe:2.3:h:nvidia:nvidia_t600:-:::::::*
cpe:2.3:h:nvidia:quadro_gv100:-:::::::*
cpe:2.3:h:nvidia:quadro_m1000m:-:::::::*
cpe:2.3:h:nvidia:quadro_m1200:-:::::::*
cpe:2.3:h:nvidia:quadro_m2000:-:::::::*
cpe:2.3:h:nvidia:quadro_m2000m:-:::::::*
cpe:2.3:h:nvidia:quadro_m2200:-:::::::*
cpe:2.3:h:nvidia:quadro_m3000m:-:::::::*
cpe:2.3:h:nvidia:quadro_m4000:-:::::::*
cpe:2.3:h:nvidia:quadro_m4000m:-:::::::*
cpe:2.3:h:nvidia:quadro_m5000:-:::::::*
cpe:2.3:h:nvidia:quadro_m5000m:-:::::::*
cpe:2.3:h:nvidia:quadro_m500m:-:::::::*
cpe:2.3:h:nvidia:quadro_m520:-:::::::*
cpe:2.3:h:nvidia:quadro_m5500:-:::::::*
cpe:2.3:h:nvidia:quadro_m6000:-:::::::*
cpe:2.3:h:nvidia:quadro_m600m:-:::::::*
cpe:2.3:h:nvidia:quadro_m620:-:::::::*
cpe:2.3:h:nvidia:quadro_p1000:-:::::::*
cpe:2.3:h:nvidia:quadro_p2000:-:::::::*
cpe:2.3:h:nvidia:quadro_p2200:-:::::::*
cpe:2.3:h:nvidia:quadro_p3000:-:::::::*
cpe:2.3:h:nvidia:quadro_p3200:-:::::::*
cpe:2.3:h:nvidia:quadro_p400:-:::::::*
cpe:2.3:h:nvidia:quadro_p4000:-:::::::*
cpe:2.3:h:nvidia:quadro_p4200:-:::::::*
cpe:2.3:h:nvidia:quadro_p500:-:::::::*
cpe:2.3:h:nvidia:quadro_p5000:-:::::::*
cpe:2.3:h:nvidia:quadro_p520:-:::::::*
cpe:2.3:h:nvidia:quadro_p5200:-:::::::*
cpe:2.3:h:nvidia:quadro_p600:-:::::::*
cpe:2.3:h:nvidia:quadro_p6000:-:::::::*
cpe:2.3:h:nvidia:quadro_p620:-:::::::*
cpe:2.3:h:nvidia:quadro_rtx_3000:-:::::::*
cpe:2.3:h:nvidia:quadro_rtx_4000:-:::::::*
cpe:2.3:h:nvidia:quadro_rtx_5000:-:::::::*
cpe:2.3:h:nvidia:quadro_rtx_6000:-:::::::*
cpe:2.3:h:nvidia:quadro_rtx_8000:-:::::::*
cpe:2.3:h:nvidia:quadro_t1000:-:::::::*
cpe:2.3:h:nvidia:quadro_t2000:-:::::::*
cpe:2.3:h:nvidia:quadro_t400:-:::::::*
cpe:2.3:h:nvidia:quadro_t600:-:::::::*
cpe:2.3:h:nvidia:shield_tv:-:::::::*
cpe:2.3:h:nvidia:shield_tv_pro:-:::::::*
cpe:2.3:h:nvidia:tesla_m10:-:::::::*
cpe:2.3:h:nvidia:tesla_m4:-:::::::*
cpe:2.3:h:nvidia:tesla_m40:-:::::::*
cpe:2.3:h:nvidia:tesla_m6:-:::::::*
cpe:2.3:h:nvidia:tesla_m60:-:::::::*
cpe:2.3:h:nvidia:tesla_p100:-:::::::*
cpe:2.3:h:nvidia:tesla_p4:-:::::::*
cpe:2.3:h:nvidia:tesla_p40:-:::::::*
cpe:2.3:h:nvidia:tesla_p6:-:::::::*
cpe:2.3:h:nvidia:tesla_v100:-:::::::*
cpe:2.3:h:nvidia:tesla_v100s:-:::::::*
cpe:2.3:h:nvidia:titan_rtx:-:::::::*
cpe:2.3:h:nvidia:titan_v:-:::::::*
cpe:2.3:h:nvidia:titan_x:-:::::::*
cpe:2.3:h:nvidia:titan_xp:-:::::::*

OR	cpe:2.3:o:linux:linux_kernel:-:::::::*
	cpe:2.3:o:microsoft:windows:-:::::::*

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2021-10322	NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller, which may allow a user with elevated privileges to access protected information by identifying, exploiting, and loading vulnerable microcode. Such an attack may lead to information disclosure.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://nvidia.custhelp.com/app/answers/detail/a_id/5263

History

No history.

MITRE

Status: PUBLISHED

Assigner: nvidia

Published: 2021-11-20T14:55:24

Updated: 2024-08-03T19:05:55.355Z

Reserved: 2021-02-09T00:00:00

Link: CVE-2021-23219

Vulnrichment

No data.

NVD

Status : Modified

Published: 2021-11-20T15:15:07.933

Modified: 2024-11-21T05:51:23.760

Link: CVE-2021-23219

Redhat

No data.

OpenCVE Enrichment

No data.

Metrics

Attack Vector Local

Attack Complexity High

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity High

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object