Your message dated Thu, 20 Jun 2024 18:32:32 +0000
with message-id <[email protected]>
and subject line Bug#1072800: fixed in nvidia-open-gpu-kernel-modules 
535.183.01-1~deb12u1
has caused the Debian Bug report #1072800,
regarding nvidia-open-gpu-kernel-modules: CVE-2024-0090, CVE-2024-0091, 
CVE-2024-0092
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
1072800: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072800
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: nvidia-graphics-drivers
Severity: serious
Tags: security upstream
X-Debbugs-Cc: Debian Security Team <[email protected]>
Control: clone -1 -2 -3 -4 -5 -6 -7 -8 -9
Control: reassign -2 src:nvidia-graphics-drivers-legacy-340xx 340.76-6
Control: retitle -2 nvidia-graphics-drivers-legacy-340xx: CVE-2024-0090, 
CVE-2024-0092
Control: tag -2 + wontfix
Control: reassign -3 src:nvidia-graphics-drivers-legacy-390xx 390.48-4
Control: retitle -3 nvidia-graphics-drivers-legacy-390xx: CVE-2024-0090, 
CVE-2024-0092
Control: tag -3 + wontfix
Control: reassign -4 src:nvidia-graphics-drivers-tesla-418 418.87.01-1
Control: retitle -4 nvidia-graphics-drivers-tesla-418: CVE-2024-0090, 
CVE-2024-0092
Control: tag -4 + wontfix
Control: reassign -5 src:nvidia-graphics-drivers-tesla-450 450.51.05-1
Control: retitle -5 nvidia-graphics-drivers-tesla-450: CVE-2024-0090, 
CVE-2024-0092
Control: tag -5 + wontfix
Control: close -5 450.248.02-4
Control: reassign -6 src:nvidia-graphics-drivers-tesla-460 460.32.03-1
Control: retitle -6 nvidia-graphics-drivers-tesla-460: CVE-2024-0090, 
CVE-2024-0092
Control: tag -6 + wontfix
Control: close -6 460.106.00-3
Control: reassign -7 src:nvidia-graphics-drivers-tesla-470 470.57.02-1
Control: retitle -7 nvidia-graphics-drivers-tesla-470: CVE-2024-0090, 
CVE-2024-0092
Control: reassign -8 src:nvidia-graphics-drivers-tesla 510.85.02-1
Control: retitle -8 nvidia-graphics-drivers-tesla: CVE-2024-0090, CVE-2024-0092
Control: found -8 515.48.07-1
Control: found -8 525.60.13-1
Control: tag -8 + wontfix
Control: close -8 525.147.05-6
Control: reassign -9 src:nvidia-open-gpu-kernel-modules 515.43.04-1
Control: retitle -9 nvidia-open-gpu-kernel-modules: CVE-2024-0090, 
CVE-2024-0091, CVE-2024-0092
Control: found -9 520.56.06-1
Control: found -9 525.85.12-1
Control: found -9 530.30.02-1
Control: found -9 535.43.02-1
Control: found -9 545.23.06-1
Control: found -9 550.40.07-1
Control: found -9 555.42.02-1
Control: found -1 340.24-1
Control: found -1 343.22-1
Control: found -1 396.18-1
Control: found -1 430.14-1
Control: found -1 455.23.04-1
Control: found -1 465.24.02-1
Control: found -1 495.44-1
Control: found -1 515.48.07-1
Control: found -1 520.56.06-1
Control: found -1 525.53-1
Control: found -1 530.30.02-1
Control: found -1 535.43.02-1
Control: found -1 545.23.06-1
Control: found -1 550.40.07-1
Control: found -1 555.42.02-1

https://nvidia.custhelp.com/app/answers/detail/a_id/5551

CVE-2024-0090   NVIDIA GPU driver for Windows and Linux contains a
vulnerability where a user can cause an out-of-bounds write. A
successful exploit of this vulnerability might lead to code execution,
denial of service, escalation of privileges, information disclosure, and
data tampering.

CVE-2024-0091   NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability where a user can cause an untrusted pointer dereference
by executing a driver API. A successful exploit of this vulnerability
might lead to denial of service, information disclosure, and data
tampering.

CVE-2024-0092   NVIDIA GPU Driver for Windows and Linux contains a
vulnerability where an improper check or improper handling of exception
conditions might lead to denial of service.

Linux Driver Branch     CVE IDs Addressed
R555, R550              CVE-2024-0090, CVE-2024-0091, CVE-2024-0092
R535, R470              CVE-2024-0090, CVE-2024-0092

Driver Branch   Affected Driver Versions                        Updated Driver 
Version
R555            All driver versions prior to 555.52.04          555.52.04
R550            All driver versions prior to 550.90.07          550.90.07
R535            All driver versions prior to 535.183.01         535.183.01
R470            All driver versions prior to 470.256.02         470.256.02


Andreas

--- End Message ---
--- Begin Message ---
Source: nvidia-open-gpu-kernel-modules
Source-Version: 535.183.01-1~deb12u1
Done: Andreas Beckmann <[email protected]>

We believe that the bug you reported is fixed in the latest version of
nvidia-open-gpu-kernel-modules, which is due to be installed in the Debian FTP 
archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Andreas Beckmann <[email protected]> (supplier of updated 
nvidia-open-gpu-kernel-modules package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Wed, 19 Jun 2024 18:17:12 +0200
Source: nvidia-open-gpu-kernel-modules
Architecture: source
Version: 535.183.01-1~deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: Debian NVIDIA Maintainers <[email protected]>
Changed-By: Andreas Beckmann <[email protected]>
Closes: 1072800
Changes:
 nvidia-open-gpu-kernel-modules (535.183.01-1~deb12u1) bookworm; urgency=medium
 .
   * Rebuild for bookworm.
 .
 nvidia-open-gpu-kernel-modules (535.183.01-1) unstable; urgency=medium
 .
   * New upstream LTS and Tesla branch release 535.183.01 (2024-06-04).
     * Fixed CVE-2024-0090, CVE-2024-0092.  (Closes: #1072800)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5551
   * New upstream long term support branch release 535.179 (2024-05-09).
   * New upstream long term support branch release 535.171.04 (2024-03-21).
   * Sync with src:nvidia-graphics-drivers.
   * Refresh patches.
Checksums-Sha1:
 82eae1c81dbb3fcc7de4ae9342b4e56704403d27 2761 
nvidia-open-gpu-kernel-modules_535.183.01-1~deb12u1.dsc
 e97b5cd896821c4d0510e498045416711225ab71 20580 
nvidia-open-gpu-kernel-modules_535.183.01-1~deb12u1.debian.tar.xz
 af699d2cdbf6beb157be81839f2cc3eaaa4ad6b6 5878 
nvidia-open-gpu-kernel-modules_535.183.01-1~deb12u1_source.buildinfo
Checksums-Sha256:
 8007e68dce2ede96a97b4bbcd128db1e0f3298049736be29e929e61357ebc805 2761 
nvidia-open-gpu-kernel-modules_535.183.01-1~deb12u1.dsc
 86589861f92f0c9b23c9f4a5c4f3be4c87ff6d1b2f1c473f1d3408fef74e70b9 20580 
nvidia-open-gpu-kernel-modules_535.183.01-1~deb12u1.debian.tar.xz
 7ca14a47b7ebb52b07bc8ae24ffcf4e53405092f2b6b8bef47d493fdcb943268 5878 
nvidia-open-gpu-kernel-modules_535.183.01-1~deb12u1_source.buildinfo
Files:
 4555849717765a09895bfa87177f34c4 2761 contrib/kernel optional 
nvidia-open-gpu-kernel-modules_535.183.01-1~deb12u1.dsc
 04c65a187289c28f10a95941bbed05b7 20580 contrib/kernel optional 
nvidia-open-gpu-kernel-modules_535.183.01-1~deb12u1.debian.tar.xz
 f3ef34bb2716145cd9341edc0c9631f2 5878 contrib/kernel optional 
nvidia-open-gpu-kernel-modules_535.183.01-1~deb12u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJEBAEBCAAuFiEE6/MKMKjZxjvaRMaUX7M/k1np7QgFAmZzBY0QHGFuYmVAZGVi
aWFuLm9yZwAKCRBfsz+TWentCFf1D/oDvL07zjqpYo6RUKQKbVxTVZktgUTsTjC6
3OlDkJkCPZsyxvrlELJ1ubCZOMJA4O2kR3YoIgP5f32Bhbg1QpPkmLuCS7ENLK+W
s0DFQyeSS426lbrO5+DjMmED6UTrt1o4WW4WHL4EvxaalceLgZE25//oAqtmLURl
7mC0oVgtVra20YMzk7TlHPwl40nTJ/8zqj99r6MEbCxvyU2L0RMLMT5WVTFUBlM3
dlerDBshcLxZ7JtQgE+t+zAvPT4spqPzHIf/yI222XLh3L8Q+sKsaLxL71ZEVVR8
RK17FDorH5DN2f9O5J/hbGd4KEBLy6NyJwEUkN+Qad6tJ88zl30rQBsXFBDjBTGV
AdJVGDYb2d0jpg3HxW7QzFMWvyVE+dqHF35F4r7apmn+yKFrjXkrEGXaEqHhr6K2
nwUQ5EBgElQVHHKF/Xb8BbNtqtFmgR3jlxLPHOlf3jepQGFoF+p2cAt3a/EaupRb
mTEuBPtys1PWrpa8ImuyYWEbjLCuk2Q0Ih9+wHji8cV0Qcst9cTk7NBvoFo/8ofk
eP8TLimCwGdUXm45e5aq4ae8nt1NtHaIGdbP1d8aIuiH94JceqqG7Q+ScOSjAf1q
AmuASmnzdUgKbGaCghL99woa3n1u5rySaNLxarIcWZn1P9nYAcOJRCJbiedkMlgV
DWs9+VDvnA==
=yt8X
-----END PGP SIGNATURE-----

Attachment: pgpaT4s4beSit.pgp
Description: PGP signature


--- End Message ---

Reply via email to