selfblow: [NVIDIA CVE‑2019‑5680] Selfblow exploit, when nvtboot blows a hole in itself

NVIDIA has released software security updates for NVIDIA® Jetson™ TX1 in the NVIDIA® Tegra® Linux Driver Package (L4T). The update addresses issues that may lead to code execution, denial of service, or escalation of privileges. To protect your system, download available updates from NVIDIA DevZone.[…]

https://nvidia.custhelp.com/app/answers/detail/a_id/4835

https://nvd.nist.gov/vuln/detail/CVE-2019-5680

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5680

This is an untethered coldboot exploit and as far as i can tell it affects every single Tegra device released so far. (Except the Nintendo Switch since it uses a custom bootloader.) Completely defeats secure boot even on latest firmware.[…]

https://github.com/balika011/selfblow

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s