Source: nvidia-graphics-drivers Severity: serious Tags: security upstream X-Debbugs-Cc: Debian Security Team <t...@security.debian.org> Control: clone -1 -2 -3 -4 -5 -6 -7 -8 -9 Control: reassign -2 src:nvidia-graphics-drivers-legacy-340xx 340.76-6 Control: retitle -2 nvidia-graphics-drivers-legacy-340xx: CVE-2024-0074, CVE-2022-42265, CVE-2024-0078 Control: tag -2 + wontfix Control: reassign -3 src:nvidia-graphics-drivers-legacy-390xx 390.48-4 Control: retitle -3 nvidia-graphics-drivers-legacy-390xx: CVE-2024-0074, CVE-2022-42265, CVE-2024-0078 Control: tag -3 + wontfix Control: reassign -4 src:nvidia-graphics-drivers-tesla-418 418.87.01-1 Control: retitle -4 nvidia-graphics-drivers-tesla-418: CVE-2024-0074, CVE-2022-42265, CVE-2024-0078 Control: tag -4 + wontfix Control: reassign -5 src:nvidia-graphics-drivers-tesla-450 450.51.05-1 Control: retitle -5 nvidia-graphics-drivers-tesla-450: CVE-2024-0074, CVE-2022-42265, CVE-2024-0078 Control: tag -5 + wontfix Control: close -5 450.248.02-4 Control: reassign -6 src:nvidia-graphics-drivers-tesla-460 460.32.03-1 Control: retitle -6 nvidia-graphics-drivers-tesla-460: CVE-2024-0074, CVE-2022-42265, CVE-2024-0078 Control: tag -6 + wontfix Control: close -6 460.106.00-3 Control: reassign -7 src:nvidia-graphics-drivers-tesla-470 470.57.02-1 Control: retitle -7 nvidia-graphics-drivers-tesla-470: CVE-2024-0074, CVE-2022-42265, CVE-2024-0078 Control: reassign -8 src:nvidia-graphics-drivers-tesla 510.85.02-1 Control: retitle -8 nvidia-graphics-drivers-tesla: CVE-2024-0074, CVE-2024-0075, CVE-2024-0078 Control: found -8 515.48.07-1 Control: found -8 525.60.13-1 Control: tag -8 + wontfix Control: close -8 525.147.05-6 Control: reassign -9 src:nvidia-open-gpu-kernel-modules 515.43.04-1 Control: retitle -9 nvidia-open-gpu-kernel-modules: CVE-2024-0074, CVE-2024-0075, CVE-2024-0078 Control: found -9 520.56.06-1 Control: found -9 525.85.12-1 Control: found -9 530.30.02-1 Control: found -9 535.43.02-1 Control: found -9 545.23.06-1 Control: found -9 550.40.07-1 Control: found -1 340.24-1 Control: found -1 343.22-1 Control: found -1 396.18-1 Control: found -1 430.14-1 Control: found -1 455.23.04-1 Control: found -1 465.24.02-1 Control: found -1 495.44-1 Control: found -1 515.48.07-1 Control: found -1 520.56.06-1 Control: found -1 525.53-1 Control: found -1 530.30.02-1 Control: found -1 535.43.02-1 Control: found -1 545.23.06-1 Control: found -1 550.40.07-1 Control: fixed -7 470.239.06-1
https://nvidia.custhelp.com/app/answers/detail/a_id/5520 CVE-2024-0074 NVIDIA GPU Display Driver for Linux contains a vulnerability where an attacker may access a memory location after the end of the buffer. A successful exploit of this vulnerability may lead to denial of service and data tampering. CVE-2024-0075 NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where a user may cause a NULL-pointer dereference by accessing passed parameters the validity of which has not been checked. A successful exploit of this vulnerability may lead to denial of service and limited information disclosure. CVE-2024-0078 NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a user in a guest can cause a NULL-pointer dereference in the host, which may lead to denial of service. CVE-2022-42265 NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged regular user can cause integer overflow, which may lead to denial of service, information disclosure, and data tampering. Linux Driver Branch CVE IDs Addressed R550, R545, R535 CVE-2024-0074, CVE-2024-0075 R470 CVE-2024-0074, CVE-2022-42265 Driver Branch Affected Driver Versions Updated Driver Version R550 All driver versions prior to 550.54.14 550.54.14 R535 All driver versions prior to 535.161.07 535.161.07 R470 All driver versions prior to 470.239.06 470.239.06 R470 All driver versions prior to 470.223.02 470.223.02 Security Updates for NVIDIA vGPU Software Security Updates for NVIDIA Cloud Gaming Linux Driver Branch CVE IDs Addressed R535 CVE-2024-0074, CVE-2024-0075, CVE-2024-0078 R470 CVE-2024-0074, CVE-2024-0078, CVE-2022-42265 Andreas