N/A

Trusty contains a vulnerability in NVIDIA OTE protocol message parsing code, which is present in all the TAs. An incorrect bounds check can allow a local user through a malicious client to access memory from the heap in the TrustZone, which may lead to information disclosure.

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

N/A

NVIDIA OTE 缓冲区错误漏洞

Nvidia NVIDIA OTE是美国Nvidia公司的一个独立的、软件分区的环境，提供可信的操作。 NVIDIA OTE 存在缓冲区错误漏洞，该漏洞源于在NVIDIA OTE协议消息解析代码中包含一个漏洞，不正确的边界检查会导致位于流缓冲区之后的部分堆内存泄漏。

N/A

N/A