Security Notice: NVIDIA GPU and Tegra Hardware - November 2021

Updated 11/19/2021 02:22 PM

This notice is a response to a published research paper on vulnerabilities in Tegra systems on a chip (SOCs).

Go to NVIDIA Product Security.


Details

This section provides a summary of potential vulnerabilities and their impact. Descriptions use CWE™, and base scores and vectors use CVSS v3.1 standards.

Note:

  • Ampere products are not impacted.
  • In an environment where the GPU is virtualized (for example, vGPU), you are not impacted. 
  • If the hypervisor is compromised or you have direct GPU access with bare metal or pass through, Turing, Volta, Pascal or Maxwell products can be exposed. 
  • Tegra X1, Tegra X1+, Tegra TX2 and Xavier products are impacted.
  • In all cases, an attacker requires OS administrative/kernel rights.
CVE ID Description Base Score Vector
CVE‑2021‑23201 NVIDIA GPU and Tegra hardware contain a vulnerability in an internal microcontroller which may allow a user with elevated privileges to generate valid microcode. This could lead to information disclosure, data corruption, or denial of service of the device.  7.5 AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
CVE‑2021‑23217 NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to instantiate a specifically timed DMA write to corrupt code execution, which may impact confidentiality, integrity, or availability.  7.5 AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
CVE‑2021‑34400 NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to gain access to information from unscrubbed memory, which may lead to information disclosure. 4.1 AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
CVE‑2021‑34399 NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to gain access to information from unscrubbed registers, which may lead to information disclosure. 4.1 AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
CVE‑2021‑23219 NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to access protected information, which may lead to information disclosure. 4.1 AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
CVE‑2021‑1125 NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller  which may allow a user with elevated privileges to corrupt program data.  4.1 AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N
CVE‑2021‑1105 NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to access debug registers during runtime, which may lead to information disclosure. 4.1 AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
CVE‑2021‑1088 NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to utilize debug mechanisms with insufficient access control, which may lead to information disclosure. 4.1 AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N

The NVIDIA risk assessment is based on an average of risk across a diverse set of installed systems and may not represent the true risk to your local installation. NVIDIA recommends consulting a security or IT professional to evaluate the risk to your specific configuration. 

Affected NVIDIA Products  

Note: Ampere products are not affected

CVE IDs by Hardware Architecture

CVE IDs Hardware Architecture Type*
CVE‑2021‑1125 Maxwell, Pascal, Volta, Tegra X1, Tegra X1+, Tegra TX2, Xavier
CVE‑2021‑23217 Maxwell, GP100, Tegra X1, Tegra X1+, Tegra TX2
CVE‑2021‑23219 Maxwell (except GM206), Tegra X1, Tegra X1+
CVE‑2021‑23201
CVE‑2021‑34400
CVE‑2021‑34399
CVE‑2021‑1105
CVE‑2021‑1088
Turing, Volta, Pascal, Maxwell, Tegra X1, Tegra X1+, Tegra TX2, Xavier

*These vulnerabilities impact both Windows and Linux operating systems

The following table lists NVIDIA products affected. 

Product Category Hardware Architecture Type* Impacted Notes
GPU Turing, Volta, Pascal, Maxwell Yes  
GPU Kepler No Kepler does not contain security features impacted by these vulnerabilities
GPU Ampere  No  
Tegra SoC Tegra X1, Tegra X1+, Tegra TX2, Xavier Yes  

*See the table below for the product names corresponding to the architecture for each segment.

Affected NVIDIA Products by Hardware Architecture

Consumer and Commercial Client (GeForce, NVIDIA RTX) GPU Solutions
Hardware Architecture Product Name
Turing GeForce RTX 20-series, GeForce GTX 16-series, Titan RTX
Volta Titan V Series
Pascal (except P100) GeForce GTX 10-series, Titan X, Titan Xp
Maxwell, Pascal P100 GeForce 900-series, GeForce GTX Titan X
Kepler GeForce 600-series, GeForce 700-series, GTX Titan, GTX Titan Black, GTX Titan Z
Data Center and Edge (Tesla) GPU Solutions
Hardware Architecture Product Name
Turing NVIDIA T4
Volta Tesla V100 (16GB, 32GB), Tesla V100S, HGX-2
Pascal (except GP100) Tesla P40, Tesla P6, Tesla P4
Maxwell, Pascal GP100 Tesla P100 (12GB, 16GB) Tesla Mxx, Tesla Mxxxx
Kepler Tesla Kxx/Kxxx, GRID Kx/Kxxx 
Professional Visualization (Quadro/NVIDIA RTX) GPU Solutions
Hardware Architecture Product Name
Turing NVIDIA Quadro RTXxxxx, NVIDIA Quadro T-series, NVIDIA T-series
Volta NVIDIA Quadro GV100
Pascal (except GP100) NVIDIA Quadro P-series (Pxx/Pxxx)
Maxwell, Pascal GP100 NVIDIA Quadro M-series (Mxx/Mxxx)
Kepler NVIDIA Quadro K-series (Kxx/Kxxx)
Jetson Products
Hardware Architecture Product Name
Xavier Jetson Xavier Series, Jetson Xavier NX
Tegra TX2 Jetson TX2 Series
Tegra X1 Jetson Nano Series, Jetson TX1
Shield TV 
Hardware Architecture Product Name
Tegra X1, Tegra X1+ SHIELD TV - All Versions
DGX Systems
Hardware  Architecture Product Name
Volta NVIDIA DGX-1 (with V100), NVIDIA DGX-2, NVIDIA DGX Station
Pascal GP100 NVIDIA DGX-1 (with P100)
NVIDIA DRIVE Constellation
Hardware Architecture Product Name
Turing NVIDIA DRIVE Constellation

Mitigations

NVIDIA recommends following security best practices for managing access to computer systems. Limit administrative and kernel access to trusted users only.

Get the Most Up to Date Product Security Information

Visit the NVIDIA Product Security page to

  • Subscribe to security bulletin notifications
  • See the current list of NVIDIA security bulletins 
  • Report a potential security issue in any NVIDIA supported product
  • Learn more about the vulnerability management process followed by the NVIDIA Product Security Incident Response Team (PSIRT) 

Revision History

Revision Date Description
1.0 November 19, 2021  Initial release

Support

If you have any questions about this security bulletin, contact NVIDIA Support.

Disclaimer

ALL NVIDIA INFORMATION, DESIGN SPECIFICATIONS, REFERENCE BOARDS, FILES, DRAWINGS, DIAGNOSTICS, LISTS, AND OTHER DOCUMENTS (TOGETHER AND SEPARATELY, “MATERIALS”) ARE BEING PROVIDED “AS IS.” NVIDIA MAKES NO WARRANTIES, EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE WITH RESPECT TO THE MATERIALS, AND ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OR CONDITION OF TITLE, MERCHANTABILITY, SATISFACTORY QUALITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT, ARE HEREBY EXCLUDED TO THE MAXIMUM EXTENT PERMITTED BY LAW.

Information is believed to be accurate and reliable at the time it is furnished. However, NVIDIA Corporation assumes no responsibility for the consequences of use of such information or for any infringement of patents or other rights of third parties that may result from its use. No license is granted by implication or otherwise under any patent or patent rights of NVIDIA Corporation. Specifications mentioned in this publication are subject to change without notice. This publication supersedes and replaces all information previously supplied. NVIDIA Corporation products are not authorized for use as critical components in life support devices or systems without express written approval of NVIDIA Corporation.

Is this answer helpful?

Live Chat

Chat online with one of our support agents

CHAT NOW

ASK US A QUESTION

Contact Support for assistance

Ask a Question