Your message dated Sat, 03 May 2025 19:51:39 +0000
with message-id <[email protected]>
and subject line Bug#1093916: fixed in nvidia-open-gpu-kernel-modules
535.230.02-1
has caused the Debian Bug report #1093916,
regarding nvidia-open-gpu-kernel-modules: CVE-2024-0131, CVE-2024-0147,
CVE-2024-0149, CVE-2024-0150
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1093916: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1093916
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: nvidia-graphics-drivers
Severity: serious
Tags: security upstream
X-Debbugs-Cc: Debian Security Team <[email protected]>
Control: clone -1 -2 -3 -4 -5 -6 -7 -8 -9 -10
Control: reassign -2 src:nvidia-graphics-drivers-legacy-340xx 340.76-6
Control: retitle -2 nvidia-graphics-drivers-legacy-340xx: CVE-2024-0131,
CVE-2024-0147, CVE-2024-0149, CVE-2024-0150
Control: tag -2 + wontfix
Control: reassign -3 src:nvidia-graphics-drivers-legacy-390xx 390.48-4
Control: retitle -3 nvidia-graphics-drivers-legacy-390xx: CVE-2024-0131,
CVE-2024-0147, CVE-2024-0149, CVE-2024-0150
Control: tag -3 + wontfix
Control: reassign -4 src:nvidia-graphics-drivers-tesla-418 418.87.01-1
Control: retitle -4 nvidia-graphics-drivers-tesla-418: CVE-2024-0131,
CVE-2024-0147, CVE-2024-0149, CVE-2024-0150
Control: tag -4 + wontfix
Control: reassign -5 src:nvidia-graphics-drivers-tesla-450 450.51.05-1
Control: retitle -5 nvidia-graphics-drivers-tesla-450: CVE-2024-0131,
CVE-2024-0147, CVE-2024-0149, CVE-2024-0150
Control: tag -5 + wontfix
Control: close -5 450.248.02-4
Control: reassign -6 src:nvidia-graphics-drivers-tesla-460 460.32.03-1
Control: retitle -6 nvidia-graphics-drivers-tesla-460: CVE-2024-0131,
CVE-2024-0147, CVE-2024-0149, CVE-2024-0150
Control: tag -6 + wontfix
Control: close -6 460.106.00-3
Control: reassign -7 src:nvidia-graphics-drivers-tesla-470 470.57.02-1
Control: retitle -7 nvidia-graphics-drivers-tesla-470: CVE-2024-0131,
CVE-2024-0147, CVE-2024-0149, CVE-2024-0150
Control: tag -7 + wontfix
Control: severity -7 important
Control: reassign -8 src:nvidia-graphics-drivers-tesla 510.85.02-1
Control: retitle -8 nvidia-graphics-drivers-tesla: CVE-2024-0131,
CVE-2024-0147, CVE-2024-0149, CVE-2024-0150
Control: found -8 515.48.07-1
Control: found -8 525.60.13-1
Control: tag -8 + wontfix
Control: close -8 525.147.05-6
Control: reassign -9 src:nvidia-open-gpu-kernel-modules 515.43.04-1
Control: retitle -9 nvidia-open-gpu-kernel-modules: CVE-2024-0131,
CVE-2024-0147, CVE-2024-0149, CVE-2024-0150
Control: found -9 520.56.06-1
Control: found -9 525.85.12-1
Control: found -9 530.30.02-1
Control: found -9 535.43.02-1
Control: found -9 545.23.06-1
Control: found -9 550.40.07-1
Control: found -9 555.42.02-1
Control: found -9 560.28.03-1
Control: found -9 565.57.01-1
Control: reassign -10 src:nvidia-graphics-drivers-tesla-535 535.216.01-1
Control: retitle -10 nvidia-graphics-drivers-tesla-535: CVE-2024-0131,
CVE-2024-0147, CVE-2024-0149, CVE-2024-0150
Control: found -1 340.24-1
Control: found -1 343.22-1
Control: found -1 396.18-1
Control: found -1 430.14-1
Control: found -1 455.23.04-1
Control: found -1 465.24.02-1
Control: found -1 495.44-1
Control: found -1 515.48.07-1
Control: found -1 520.56.06-1
Control: found -1 525.53-1
Control: found -1 530.30.02-1
Control: found -1 535.43.02-1
Control: found -1 545.23.06-1
Control: found -1 550.40.07-1
Control: found -1 555.42.02-1
Control: found -1 560.28.03-1
Control: found -1 565.57.01-1
https://nvidia.custhelp.com/app/answers/detail/a_id/5614
CVE-2024-0150 NVIDIA GPU display driver for Windows and Linux contains
a vulnerability where data is written past the end or before the
beginning of a buffer. A successful exploit of this vulnerability might
lead to information disclosure, denial of service, or data tampering.
CVE-2024-0147 NVIDIA GPU display driver for Windows and Linux contains
a vulnerability where referencing memory after it has been freed can
lead to denial of service or data tampering.
CVE-2024-53869 NVIDIA Unified Memory driver for Linux contains a
vulnerability where an attacker could leak uninitialized memory. A
successful exploit of this vulnerability might lead to information
disclosure.
CVE-2024-0131 NVIDIA GPU kernel driver for Windows and Linux contains
a vulnerability where a potential user-mode attacker could read a
buffer with an incorrect length. A successful exploit of this
vulnerability might lead to denial of service.
CVE-2024-0149 NVIDIA GPU Display Driver for Linux contains a
vulnerability which could allow an attacker unauthorized access to
files. A successful exploit of this vulnerability might lead to limited
information disclosure.
Linux Driver Branch CVEs Addressed
R550 CVE-2024-0131, CVE-2024-0147, CVE-2024-0149,
CVE-2024-0150, CVE-2024-53869
R535 CVE-2024-0131, CVE-2024-0147, CVE-2024-0149,
CVE-2024-0150
Driver Branch Affected Driver Versions Updated Driver
Version
R550 All driver versions prior to 550.144.03 550.144.03
R535 All driver versions prior to 535.230.02 535.230.02
Andreas
--- End Message ---
--- Begin Message ---
Source: nvidia-open-gpu-kernel-modules
Source-Version: 535.230.02-1
Done: Andreas Beckmann <[email protected]>
We believe that the bug you reported is fixed in the latest version of
nvidia-open-gpu-kernel-modules, which is due to be installed in the Debian FTP
archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Andreas Beckmann <[email protected]> (supplier of updated
nvidia-open-gpu-kernel-modules package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sat, 03 May 2025 20:16:34 +0200
Source: nvidia-open-gpu-kernel-modules
Architecture: source
Version: 535.230.02-1
Distribution: unstable
Urgency: medium
Maintainer: Debian NVIDIA Maintainers <[email protected]>
Changed-By: Andreas Beckmann <[email protected]>
Closes: 1093916
Changes:
nvidia-open-gpu-kernel-modules (535.230.02-1) unstable; urgency=medium
.
* New upstream LTS and Tesla branch release 535.230.02 (2025-01-16).
* Fixed CVE-2024-0150, CVE-2024-0147, CVE-2024-53869, CVE-2024-0131,
CVE-2024-0149. (Closes: #1093916)
https://nvidia.custhelp.com/app/answers/detail/a_id/5614
* Sync with src:nvidia-graphics-drivers.
* Refresh patches.
Checksums-Sha1:
100fd8043ab517b8daa9f31a62ea5bab0b4839d2 2681
nvidia-open-gpu-kernel-modules_535.230.02-1.dsc
8b5d415c17b928c5ee94b2fe71fccd61334cfdd1 12527212
nvidia-open-gpu-kernel-modules_535.230.02.orig.tar.xz
c4d1b4182065ba49b0bec1c895d1b1147005cadf 34048
nvidia-open-gpu-kernel-modules_535.230.02-1.debian.tar.xz
8f88b31599d0bf7c94f080903a1ea2e5745589b4 5537
nvidia-open-gpu-kernel-modules_535.230.02-1_source.buildinfo
Checksums-Sha256:
01d5e571f1b6f19925e69e2b33b06a4f76334bfba01f59e495cab5c66ba62a0e 2681
nvidia-open-gpu-kernel-modules_535.230.02-1.dsc
3b09709698baf902254e6a8c13e43ec7c04a627d6536799c3e50afc4b685eff8 12527212
nvidia-open-gpu-kernel-modules_535.230.02.orig.tar.xz
e9ca58ea6a63b8b2a3dd077411c309f8110ffaf5cc3c38103029b5805b4ff69b 34048
nvidia-open-gpu-kernel-modules_535.230.02-1.debian.tar.xz
0f891c610874ece108e6d99d24fb1791a307fbb8c3b37a325801afebd7146096 5537
nvidia-open-gpu-kernel-modules_535.230.02-1_source.buildinfo
Files:
0f52877162c99fa2a201e0899a0031cc 2681 contrib/kernel optional
nvidia-open-gpu-kernel-modules_535.230.02-1.dsc
e60d1c4a6b4305e68ced2572600c22b2 12527212 contrib/kernel optional
nvidia-open-gpu-kernel-modules_535.230.02.orig.tar.xz
8547e500a5ac80fb878e5ea907f7b317 34048 contrib/kernel optional
nvidia-open-gpu-kernel-modules_535.230.02-1.debian.tar.xz
1bf53c2125a202b75eace46dfb4931a4 5537 contrib/kernel optional
nvidia-open-gpu-kernel-modules_535.230.02-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJEBAEBCAAuFiEE6/MKMKjZxjvaRMaUX7M/k1np7QgFAmgWXksQHGFuYmVAZGVi
aWFuLm9yZwAKCRBfsz+TWentCE6kEACfMK0YL9jkWzHibjIhWFzEkLxcfdpMO1W3
59yG6boba/x1G24Ph4nq6+sYbnXGhlcfQeOC9T2vJlMZsUt7/tijfwmKJa4PYCLD
7Wi4xs/tmgo/HaGZK9CAUhS5RQWJGTrw992H/El6lhHlOYTMak9SQra9ZnpzjK0l
XbQ6rUgmxIAnNOJZ9keqfTZDP83n/akiqex93Q6Fa8VLBrlEVBUjl+qqSQMY4yeF
RCAK7zS9hV4ldOpSAo4THo9nLxrVBhrPMNPwBsjdyL1lhtSpflScC+QSjvSukyIQ
mrJIxYU4oPqE4UTiGimsCe7dNxTKr0W5s+nNBJ9E8UBaKLTtB2EZoiq3udTJIFaC
yYfoZ1//3E0xuz/kIdsyJ3WssY5R1rduZoLD18LDl8ypiL+56kGZWQK+frw25qRl
DXmqme+mZJC/mAYhc00PO18ofvbsYgXny7gq+nR2qmvNz+OTyrSgTAxR6oEnhxdG
dSQ3GwfuXZINuJM0hl1/7pR9k21oqMq8As27604UV9Ngi8b9lbNFvb1ePkW0mLZd
ABV3/qeQIyTjhpeeEIwTkAWrQ71v5JGm7eZ/Rab6JcwFGvnav3cnj1NCxeY7rZye
qUIWlGXkx3ouXL1uhvubPA3FY+OOwml3nSAl/j7Alh0LsUTE/fJHX8V9Ja31J5qN
fp498agW0A==
=WOY3
-----END PGP SIGNATURE-----
pgpr763qCKXlH.pgp
Description: PGP signature
--- End Message ---
