NVIDIA Security Bulletins #548

madisongh · 2021-01-28T14:13:15Z

madisongh
Jan 28, 2021
Maintainer

Thread with information about NVIDIA's Tegra-specific security bulletins.

madisongh · 2021-01-28T14:39:24Z

madisongh
Jan 28, 2021
Maintainer Author

From 25 Jan 2021: https://nvidia.custhelp.com/app/answers/detail/a_id/5147

This bulletin lists three CVEs:

CVE-2021-1070: specific to the L4T BSP rootfs creation process, does not apply when using OE/Yocto.
CVE-2021-1069: applies to the nvhost kernel driver. Patch has been back-ported from the L4T R32.5 kernel for the dunfell, dunfell-l4t-r32.4.3, gatesgarth, and master branches.
CVE-2021-1071: patches to IIO core and NVIDIA's ina3221 driver have been back-ported from the R32.5 kernel for the dunfell, dunfell-l4t-r32.4.3, gatesgarth, and master branches.

meta-tegra commits with the kernel recipe updates:
master: b0a42c9
gatesgarth: e2a61e4
dunfell-l4t-r32.4.3: 58a8771
dunfell: 7a51e41

1 reply

ichergui Jan 28, 2021
Collaborator

Well done @madisongh

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

OpenEmbedded for Tegra

NVIDIA Security Bulletins #548

{{title}}

Replies: 1 comment 1 reply

{{title}}

{{title}}

Select a reply

OpenEmbedded for Tegra

NVIDIA Security Bulletins #548

madisongh Jan 28, 2021 Maintainer

Replies: 1 comment · 1 reply

madisongh Jan 28, 2021 Maintainer Author

ichergui Jan 28, 2021 Collaborator

madisongh
Jan 28, 2021
Maintainer

Replies: 1 comment 1 reply

madisongh
Jan 28, 2021
Maintainer Author

ichergui Jan 28, 2021
Collaborator