Intel NUC and Nvidia Shield Flaws Fixed
Intel fixes flaw in it's NUC mini-PC kit. Nvidia also releases patches for it's Shield TV. Intel's NUC mini-PC kit offers processing, memory and storage capabilities for applications like gaming, digital signage and media centers. Nvidia's Shield TV is a media streaming box powered by Nvidia's Tegra X1 system-on-chip, that runs on the Android operating system and can be used for gaming and media streaming. Both of these systems are popular with gamers.
Nvidia fixed two glitches in the Nvidia Shield that could enable code execution, denial of service, escalation of privileges, and information disclosure. Intel patched their NUC against a flaw that could allow escalation-of-privilege, denial-of-service or information disclosure.
Nvidia's flaw is from the bootloader in the Nvidia Tegra SoC of Nvidia Shield TV. This is the piece of code that runs before an operating systems starts to run, and loads the operating system when a computer turns on. The issue is due to the software performing an incorrect bounds check. Bounds checking is a method of detecting whether a variable is within “bounds” before it is used in the memory buffer, which is a region of a physical memory storage. This flaw can lead to a buffer overflow; when more data is sent to a memory block (buffer) than it can hold. Hackers could exploit this flaw to launch escalation-of-privilege and code-execution attacks.
Intel fixed potential security vulnerabilities in system firmware could allow escalation-of-privilege, denial-of-service and/or information disclosure. To exploit the flaw, a hacker would need to be local and already have credentials to login to the NUC.