Bugs in NVIDIA’s Jetson Chipset Open Door to DoS Attacks, Data Theft

nvidia

Chipmaker patches nine high-severity bugs in its Jetson SoC framework tied to the way it handles low-level cryptographic algorithms.

Flaws impacting millions of internet of things (IoT) devices running NVIDIA’s Jetson chips open the door for a variety of hacks, including denial-of-service (DoS) attacks or the siphoning of data.

NVIDIA released patches addressing nine high-severity vulnerabilities including eight additional bugs of less severity. The patches fix a wide swath of NVIDIA’s chipsets typically used for embedded computing systems, machine-learning applications and autonomous devices such as robots and drones.
Impacted products include Jetson chipset series; AGX Xavier, Xavier NX/TX1, Jetson TX2 (including Jetson TX2 NX), and Jetson Nano devices (including Jetson Nano 2GB) found in the NVIDIA JetPack software developers kit. The patches were delivered as part of NVIDIA’s June security bulletin, released Friday.

Most Important Patch

The most severe bug, tracked as CVE‑2021‑34372, opens the Jetson framework to a buffer-overflow attack by an adversary. According to the NVIDIA security bulletin, the attacker would need network access to a system to carry out an attack, but the company warned the vulnerability is not complex to exploit and that an adversary with little to low access rights could launch it. It added that an attack could give an adversary persistent access to components – other than the NVIDIA chipset targeted – and allow a hacker to manipulate and or sabotage a targeted system.

“[The Jetson] driver contains a vulnerability in the NVIDIA OTE protocol message parsing code where an integer overflow in a malloc() size calculation leads to a buffer overflow on the heap, which might result in information disclosure, escalation of privileges and denial of service (DoS),” according to the security bulletin, posted on Friday.

Oblivious transfer extensions (OTE) are low-level cryptographic algorithms used by Jetson chipsets to process private-set-intersection protocols used to secure data as the chip processes data.

High-Severity Roundup

Other high-severity bugs patched by NVIDIA include vulnerabilities with severity ratings of between 7.9 and 7, which include CVE‑2021‑34373, CVE‑2021‑34374, CVE‑2021‑34375, CVE‑2021‑34376,  CVE‑2021‑34377, CVE‑2021‑34378, CVE‑2021‑34379 and CVE‑2021‑34380. Six of the bugs, if exploited, could allow a local attacker to trigger a DoS attack.

One of the bugs (CVE‑2021‑34373), with a 7.9 severity rating, impacts Jetson’s trusted Linux kernel and opens the door to a heap-based buffer overflow attack. This type attack is directed at the chip’s heap data memory framework, where the component is manipulated to generate errors.

“Trusty trusted Linux kernel (TLK) contains a vulnerability in the NVIDIA TLK kernel where a lack of heap hardening could cause heap overflows, which might lead to information disclosure and denial of service,” NVIDIA wrote.

Besides firmware, the chipmaker issued patches (CVE‑2021‑34372 through CVE‑2021‑34397) to address endpoint software for Jetson TX1, TX2 series, TX2 NX, AGX Xavier series, Xavier NX, Nano and Nano 2GB. For those bugs, NVIDIA credited bug hunter Frédéric Perriot of the Apple Media Products RedTeam for reporting the issues.

“[Updates address] security issues that may lead to escalation of privileges, denial of service and information disclosure. To protect your system, download and install the latest Debian packages from the APT repositories,” NVIDIA wrote.

Join Threatpost for “Tips and Tactics for Better Threat Hunting” — a LIVE event on Wed., June 30 at 2:00 PM ET in partnership with Palo Alto Networks. Learn from Palo Alto’s Unit 42 experts the best way to hunt down threats and how to use automation to help. Register HERE for free!

Suggested articles