NVIDIA this week released security patches to address multiple vulnerabilities in the Tegra Linux Driver Package (L4T), including several flaws assessed with a “high” severity rating.
The most important of the bugs is CVE‑2018‑6269, a vulnerability residing in the Tegra kernel driver (the issue features a CVSS score of 8.8).
It affects the input/output control (IOCTL) handling for user mode requests and it could lead to information disclosure, denial-of-service (DoS), escalation of privileges, or code execution through a non-trusted pointer dereference.
The second most serious vulnerability, based on its CVSS score of 8.4, is CVE‑2017‑6278. Residing in the Tegra kernel’s CORE dynamic voltage and frequency scaling (DVFS) thermal driver, the vulnerability makes it possible to “read or write a buffer using an index or pointer that references a memory location after the end of the buffer, which may lead to a denial of service or escalation of privileges,” NVIDIA says.
A third severe flaw (CVE‑2018‑6267, CVSS score 8.4) was found in the Tegra OpenMax driver (libnvomx) and consists of a missing user metadata check that could allow invalid metadata to pass as valid, thus resulting in a DoS condition or escalation of privileges.
Another high risk bug addressed in this round of patches is CVE‑2018‑6271 (CVSS score 8.4). It also resides in the Tegra OpenMax driver and is created by invalid or erroneously validated input, which could affect the control flow or data flow of a program, leading to DoS or privilege escalation.
NVIDIA also addressed an important vulnerability in the Tegra kernel driver’s ARM System Memory Management Unit (SMMU), which could lead to denial of service (CVE‑2019‑5673), and another in the Tegra OpenMax driver, which could lead to denial of service or escalation of privileges (CVE‑2018‑6268).
Other vulnerabilities addressed this week may lead to information disclosure, denial of service or escalation of privileges. The updates should also mitigate side-channel attacks, specifically Variant 4 of the speculative execution methods known as Meltdown and Spectre.
The majority of these vulnerabilities require local access to the targeted system, but the attack complexity is low for most of them, NVIDIA reveals.
The vulnerabilities impact Jetson TX1 versions prior to R28.3 and Jetson TX2 versions prior to R28.3.