NVIDIAÐÞ¸´¶à¸öÎó²îΣº¦Í¨¸æ

Ðû²¼Ê±¼ä 2019-12-09

Îó²î±àºÅºÍ¼¶±ð


CVE±àºÅ£ºCVE-2018-6267 £¬Î£ÏÕ¼¶±ð£º¸ßΣ £¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º8.4 £¬¹Ù·½£º7.8

CVE±àºÅ£ºCVE-2018-6271 £¬Î£ÏÕ¼¶±ð£º¸ßΣ £¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º8.4 £¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2018-6240 £¬Î£ÏÕ¼¶±ð£º¸ßΣ £¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º8.2 £¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2018-6268 £¬Î£ÏÕ¼¶±ð£º¸ßΣ £¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º7.8 £¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2019-5700 £¬Î£ÏÕ¼¶±ð£º¸ßΣ £¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º7.6 £¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2019-5699 £¬Î£ÏÕ¼¶±ð£º¸ßΣ £¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º7.6 £¬¹Ù·½Î´ÆÀ¶¨


Ó°Ïì°æ±¾


×ðÁú¿­Ê±¡¤(ÖйúÇø)ÈËÉú¾ÍÊDz«!



Îó²î¸ÅÊö


NVIDIAÐû²¼ÁËÕë¶ÔJetson AGX Xavier £¬TK1 £¬TX1 £¬TX2ºÍNanoоƬµÄTegra LinuxÇý¶¯³ÌÐò°ü£¨L4T£©ÖеÄÁù¸ö¸ßΣÎó²îµÄÇå¾²¸üР£¬ÕâЩÎó²îÓÃÓÚ¼²³ÛµÄMBUXÐÅÏ¢ÓéÀÖϵͳºÍ²©ÊÀ×Ô¶¯¼ÝÊ»ÅÌËã»úϵͳÖС£ÊÜÕâЩÎó²îÓ°ÏìµÄоƬ»¹ÓÃÓÚHPºÍAcer Chromebook £¬Androidƽ°åµçÄÔ £¬Nintendo SwitchÊÓƵÓÎÏ·»úºÍMagic Leap OneÐéÄâÊÓÍøĤÏÔʾÆ÷¡£ÕâЩÇå¾²Îó²î¿ÉÄÜʹ¾ßÓвî±ð¼¶±ðÓû§È¨ÏÞµÄÍâµØ¹¥»÷ÕßÄܹ»Ö´ÐÐí§Òâ´úÂë £¬ÌáÉýȨÏÞ £¬´¥·¢¾Ü¾ø·þÎñ£¨DoS£©×´Ì¬ £¬²¢Õë¶Ôδ´ò²¹¶¡Ð¾Æ¬µÄ×°±¸ÌᳫÐÅϢй¶¹¥»÷¡£Îó²î¸ÅÊöÈçÏ£º


CVE-2018-6267

AndroidÊÇÃÀ¹ú¹È¸è£¨Google£©ºÍ¿ªËÉÊÖ³Ö×°±¸Í¬ÃË£¨¼ò³ÆOHA£©µÄÒ»Ì×ÒÔLinuxΪ»ù´¡µÄ¿ªÔ´²Ù×÷ϵͳ¡£NVIDIA libnvomxÊÇÆäÖеÄÒ»¸öÊÓƵ±àÂë¿â¡£


AndroidÖеÄNVIDIA libnvomx±£´æÊäÈëÑéÖ¤¹ýʧÎó²î £¬¸ÃÎó²îÔ´ÓÚ³ÌÐòûÓÐÑéÖ¤»ò¹ýʧµØÑéÖ¤ÁËÓû§µÄÊäÈë¡£Ô¶³Ì¹¥»÷Õß¿ÉʹÓøÃÎó²îÔì³É¾Ü¾ø·þÎñ»òÌáÉýȨÏÞ¡£


CVE-2018-6271

AndroidÖеÄNVIDIA libnvomx±£´æ»º³åÇø¹ýʧÎó²î £¬¸ÃÎó²îÔ´ÓÚ³ÌÐòûÓÐ׼ȷµØÑéÖ¤ÌØÁíÍâÊý¾Ý¡£Ô¶³Ì¹¥»÷Õß¿ÉʹÓøÃÎó²îÔì³É¾Ü¾ø·þÎñ»òÌáÉýȨÏÞ¡£


CVE-2018-6240

AndroidÖеÄNVIDIA BootROM×é¼þ±£´æÌáȨÎó²î¡£¹¥»÷Õß¿ÉʹÓøÃÎó²îÌáÉýȨÏÞ¡£


CVE-2018-6268

Google AndroidÖеÄNVIDIA libnvomx×é¼þµÄlibnvmmlite_video.soÎļþ±£´æÊͷźóÖØÓÃÎó²î¡£Ô¶³Ì¹¥»÷Õß¿ÉʹÓøÃÎó²îÔì³É¾Ü¾ø·þÎñ»ò¿ÉÄÜÌáÉýȨÏÞ¡£


CVE-2019-5700

NVIDIA Shield TV Experience 8.0.1°æ±¾ÖеÄNVIDIA TegraÈí¼þµÄ bootloader±£´æÇå¾²Îó²î £¬¸ÃÎó²îÔ´ÓÚ³ÌÐòûÓÐÑéÖ¤Ö¸µ¼¾µÏñµÄ×ֶΡ£¹¥»÷Õß¿ÉʹÓøÃÎó²îÖ´ÐдúÂë £¬Ôì³É¾Ü¾ø·þÎñ £¬ÌáÉýȨÏÞ¼°Ð¹Â¶ÐÅÏ¢¡£


CVE-2019-5699

NVIDIA Shield TV Experience 8.0.1֮ǰ°æ±¾ÖеÄNVIDIA Tegra bootloader±£´æ»º³åÇø¹ýʧÎó²î £¬¸ÃÎó²îÔ´ÓÚ³ÌÐò¾ÙÐеĹýʧµÄ½çÏß¼ì²é¡£¹¥»÷Õß¿ÉʹÓøÃÎó²îÌáÉýȨÏÞ £¬Ð¹Â¶ÐÅÏ¢ £¬Ö´ÐдúÂë»òÔì³É¾Ü¾ø·þÎñ¡£


Îó²îÑéÖ¤


ÔÝÎÞPOC/EXP¡£


ÐÞ¸´½¨Òé


ÏÖÔÚ³§ÉÌÒÑÐû²¼Éý¼¶²¹¶¡ÒÔÐÞ¸´Îó²î £¬²¹¶¡»ñÈ¡Á´½Ó£º

https://source.android.com/security/bulletin/2019-09-01

https://source.android.com/security/bulletin/2019-02-01

https://nvidia.custhelp.com/app/answers/detail/a_id/4875


²Î¿¼Á´½Ó


https://www.bleepingcomputer.com/news/security/nvidia-patches-severe-flaws-in-mercedes-infotainment-system-chips/