Your message dated Sat, 23 Mar 2024 02:14:58 +0000 with message-id <e1rnquq-00174t...@fasolo.debian.org> and subject line Bug#1064983: fixed in nvidia-graphics-drivers 535.161.07-1 has caused the Debian Bug report #1064983, regarding nvidia-graphics-drivers: CVE-2024-0074, CVE-2024-0075, CVE-2022-42265, CVE-2024-0078 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1064983: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064983 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: nvidia-graphics-drivers Severity: serious Tags: security upstream X-Debbugs-Cc: Debian Security Team <t...@security.debian.org> Control: clone -1 -2 -3 -4 -5 -6 -7 -8 -9 Control: reassign -2 src:nvidia-graphics-drivers-legacy-340xx 340.76-6 Control: retitle -2 nvidia-graphics-drivers-legacy-340xx: CVE-2024-0074, CVE-2022-42265, CVE-2024-0078 Control: tag -2 + wontfix Control: reassign -3 src:nvidia-graphics-drivers-legacy-390xx 390.48-4 Control: retitle -3 nvidia-graphics-drivers-legacy-390xx: CVE-2024-0074, CVE-2022-42265, CVE-2024-0078 Control: tag -3 + wontfix Control: reassign -4 src:nvidia-graphics-drivers-tesla-418 418.87.01-1 Control: retitle -4 nvidia-graphics-drivers-tesla-418: CVE-2024-0074, CVE-2022-42265, CVE-2024-0078 Control: tag -4 + wontfix Control: reassign -5 src:nvidia-graphics-drivers-tesla-450 450.51.05-1 Control: retitle -5 nvidia-graphics-drivers-tesla-450: CVE-2024-0074, CVE-2022-42265, CVE-2024-0078 Control: tag -5 + wontfix Control: close -5 450.248.02-4 Control: reassign -6 src:nvidia-graphics-drivers-tesla-460 460.32.03-1 Control: retitle -6 nvidia-graphics-drivers-tesla-460: CVE-2024-0074, CVE-2022-42265, CVE-2024-0078 Control: tag -6 + wontfix Control: close -6 460.106.00-3 Control: reassign -7 src:nvidia-graphics-drivers-tesla-470 470.57.02-1 Control: retitle -7 nvidia-graphics-drivers-tesla-470: CVE-2024-0074, CVE-2022-42265, CVE-2024-0078 Control: reassign -8 src:nvidia-graphics-drivers-tesla 510.85.02-1 Control: retitle -8 nvidia-graphics-drivers-tesla: CVE-2024-0074, CVE-2024-0075, CVE-2024-0078 Control: found -8 515.48.07-1 Control: found -8 525.60.13-1 Control: tag -8 + wontfix Control: close -8 525.147.05-6 Control: reassign -9 src:nvidia-open-gpu-kernel-modules 515.43.04-1 Control: retitle -9 nvidia-open-gpu-kernel-modules: CVE-2024-0074, CVE-2024-0075, CVE-2024-0078 Control: found -9 520.56.06-1 Control: found -9 525.85.12-1 Control: found -9 530.30.02-1 Control: found -9 535.43.02-1 Control: found -9 545.23.06-1 Control: found -9 550.40.07-1 Control: found -1 340.24-1 Control: found -1 343.22-1 Control: found -1 396.18-1 Control: found -1 430.14-1 Control: found -1 455.23.04-1 Control: found -1 465.24.02-1 Control: found -1 495.44-1 Control: found -1 515.48.07-1 Control: found -1 520.56.06-1 Control: found -1 525.53-1 Control: found -1 530.30.02-1 Control: found -1 535.43.02-1 Control: found -1 545.23.06-1 Control: found -1 550.40.07-1 Control: fixed -7 470.239.06-1 https://nvidia.custhelp.com/app/answers/detail/a_id/5520 CVE-2024-0074 NVIDIA GPU Display Driver for Linux contains a vulnerability where an attacker may access a memory location after the end of the buffer. A successful exploit of this vulnerability may lead to denial of service and data tampering. CVE-2024-0075 NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where a user may cause a NULL-pointer dereference by accessing passed parameters the validity of which has not been checked. A successful exploit of this vulnerability may lead to denial of service and limited information disclosure. CVE-2024-0078 NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a user in a guest can cause a NULL-pointer dereference in the host, which may lead to denial of service. CVE-2022-42265 NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged regular user can cause integer overflow, which may lead to denial of service, information disclosure, and data tampering. Linux Driver Branch CVE IDs Addressed R550, R545, R535 CVE-2024-0074, CVE-2024-0075 R470 CVE-2024-0074, CVE-2022-42265 Driver Branch Affected Driver Versions Updated Driver Version R550 All driver versions prior to 550.54.14 550.54.14 R535 All driver versions prior to 535.161.07 535.161.07 R470 All driver versions prior to 470.239.06 470.239.06 R470 All driver versions prior to 470.223.02 470.223.02 Security Updates for NVIDIA vGPU Software Security Updates for NVIDIA Cloud Gaming Linux Driver Branch CVE IDs Addressed R535 CVE-2024-0074, CVE-2024-0075, CVE-2024-0078 R470 CVE-2024-0074, CVE-2024-0078, CVE-2022-42265 Andreas
--- End Message ---
--- Begin Message ---Source: nvidia-graphics-drivers Source-Version: 535.161.07-1 Done: Andreas Beckmann <a...@debian.org> We believe that the bug you reported is fixed in the latest version of nvidia-graphics-drivers, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1064...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Andreas Beckmann <a...@debian.org> (supplier of updated nvidia-graphics-drivers package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Fri, 22 Mar 2024 23:44:46 +0100 Source: nvidia-graphics-drivers Architecture: source Version: 535.161.07-1 Distribution: experimental Urgency: medium Maintainer: Debian NVIDIA Maintainers <pkg-nvidia-de...@lists.alioth.debian.org> Changed-By: Andreas Beckmann <a...@debian.org> Closes: 1064983 Changes: nvidia-graphics-drivers (535.161.07-1) experimental; urgency=medium . * New upstream LTS and Tesla branch release 535.161.07 (2024-02-22). * Fixed CVE-2024-0074, CVE-2024-0075, CVE-2024-0078. (Closes: #1064983) https://nvidia.custhelp.com/app/answers/detail/a_id/5520 * Improved compatibility with recent Linux kernels. . [ Andreas Beckmann ] * Refresh patches. * Update nv-readme.ids. Checksums-Sha1: 8b03ba5c7a5d552538221dd3270c346b78ec6f5c 7896 nvidia-graphics-drivers_535.161.07-1.dsc 976f7c6fa525511a2f0b2fd9b380e77ab3b3385f 340345509 nvidia-graphics-drivers_535.161.07.orig-amd64.tar.gz 1b76245cfc66b994b8025a3fbc297251b3c9c8e0 269311958 nvidia-graphics-drivers_535.161.07.orig-arm64.tar.gz fec4fbed28fb3b9853f92a335033873e444de127 96367863 nvidia-graphics-drivers_535.161.07.orig-ppc64el.tar.gz f52798b90f8bd918901ebdf98db8ff193db08734 141 nvidia-graphics-drivers_535.161.07.orig.tar.gz 0b855340c79d55a1893aa3a26b7435f68da8bac0 225424 nvidia-graphics-drivers_535.161.07-1.debian.tar.xz fe7e7fc6379e9b6f4eb256ba223135df2f5f3ed2 5728 nvidia-graphics-drivers_535.161.07-1_source.buildinfo Checksums-Sha256: bc043730439477109ee04b189d9ceca91597da86dbd588f647f9aad8b4111ec8 7896 nvidia-graphics-drivers_535.161.07-1.dsc 2ce91b0ad1703b247dfce0f30455c2195993d612dc816d7fc3cf11c85df4f789 340345509 nvidia-graphics-drivers_535.161.07.orig-amd64.tar.gz 5a53e172c4cd6e24d90c4a61d4c8bb596bd756e47a649cb6a87309a992caaf6b 269311958 nvidia-graphics-drivers_535.161.07.orig-arm64.tar.gz b4617a73f2590461fe6db66d935f8f2aa90f898881e3ed5becb47735b5c166b9 96367863 nvidia-graphics-drivers_535.161.07.orig-ppc64el.tar.gz d6275cc220d18fdbfba8b9e5f9601022c956cfd21b7c8924543fdd7bfb2240bd 141 nvidia-graphics-drivers_535.161.07.orig.tar.gz 3a7761a3d819476d68265de97ba2a27d8d859061167827e9767a393c69dda853 225424 nvidia-graphics-drivers_535.161.07-1.debian.tar.xz 33f5124cabc6e603e915ff9ee79c4017791c6a6bd7eef5996e5f858a90cc1eae 5728 nvidia-graphics-drivers_535.161.07-1_source.buildinfo Files: 37c1abc0dd15414d8a623d5bd29e9a11 7896 non-free/libs optional nvidia-graphics-drivers_535.161.07-1.dsc c456693f83c82f4765adf98c760b7702 340345509 non-free/libs optional nvidia-graphics-drivers_535.161.07.orig-amd64.tar.gz e8443e763a34d0535c796cd675d7604a 269311958 non-free/libs optional nvidia-graphics-drivers_535.161.07.orig-arm64.tar.gz f861fc8cf5c7263946fcf0cfbffe4dae 96367863 non-free/libs optional nvidia-graphics-drivers_535.161.07.orig-ppc64el.tar.gz 209173f83ef82826fd77d816d375fdfe 141 non-free/libs optional nvidia-graphics-drivers_535.161.07.orig.tar.gz 858fdd38e3bac57e5499d19ed5d7dbbc 225424 non-free/libs optional nvidia-graphics-drivers_535.161.07-1.debian.tar.xz 2b08f20e0139f4c983794771cc7d7428 5728 non-free/libs optional nvidia-graphics-drivers_535.161.07-1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQJEBAEBCAAuFiEE6/MKMKjZxjvaRMaUX7M/k1np7QgFAmX+C9IQHGFuYmVAZGVi aWFuLm9yZwAKCRBfsz+TWentCM05EACBnvdKt1vDtTPnMoCpLPKvcn10SuB6dPFv mpbiWtj/Ovn3nvECSZ3Luqs8/4o+tf9FOv+t7DF1K3l0YAgT59qcd2IYtUUlcvHg qQlQ5D0Sc3xvviZMUZbrYWDuAmCaeDE9yDglBwVTUP6/XOPWYg+5O1IZMFjMyAYr 6v5JeXHPIHRpViTBdtyLp4mm2NjH499Upf4Ozc3C9uCTBXRNnL9DecrPsziK3MnM Fpe/ouiZV2qu3AqfqhOh6jlKra/b3rRtNUceAENvxZW+9y+VFc3KT+CSppib9asS OnH94sxkuwbah66AKWXln9gl/IxucwVkcnUg+te3b09Hupb1+/lxB/ojmmhDj9E8 eutWuIkjZNt/6kaHv7Lo//aG3ftEHEc+JkV+p0khRdIEcLJx8LObezmnUANoi9lb HvBNUMrh5YBPdl8wzTR10cXkrXGmzTjEV5iI3E+wv47N5Yg3+LujsjS8Sc33puSc p7vDU53//Vk/F7/cn38qjazQGW5RF3AciS7D0OlhMxlBpelSccb9XCb28/LG121B xqG8BUAcmbADSO5fOic+jP9jM33kZnoqjxpg7MTkbsKeZ/UAzkful0iVuZBydzRq R3yHlIXbr3bX3I7icfeMHJN0c5TneglGlqMZFkD9CLsYJeabY5yqqHVmTITUZtJ1 45/xxkrRAw== =6AJT -----END PGP SIGNATURE-----pgpUceRe0rytU.pgp
Description: PGP signature
--- End Message ---