Your message dated Sat, 23 Mar 2024 02:14:58 +0000
with message-id <e1rnquq-00174t...@fasolo.debian.org>
and subject line Bug#1064983: fixed in nvidia-graphics-drivers 535.161.07-1
has caused the Debian Bug report #1064983,
regarding nvidia-graphics-drivers: CVE-2024-0074, CVE-2024-0075,
CVE-2022-42265, CVE-2024-0078
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1064983: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064983
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: nvidia-graphics-drivers
Severity: serious
Tags: security upstream
X-Debbugs-Cc: Debian Security Team <t...@security.debian.org>
Control: clone -1 -2 -3 -4 -5 -6 -7 -8 -9
Control: reassign -2 src:nvidia-graphics-drivers-legacy-340xx 340.76-6
Control: retitle -2 nvidia-graphics-drivers-legacy-340xx: CVE-2024-0074,
CVE-2022-42265, CVE-2024-0078
Control: tag -2 + wontfix
Control: reassign -3 src:nvidia-graphics-drivers-legacy-390xx 390.48-4
Control: retitle -3 nvidia-graphics-drivers-legacy-390xx: CVE-2024-0074,
CVE-2022-42265, CVE-2024-0078
Control: tag -3 + wontfix
Control: reassign -4 src:nvidia-graphics-drivers-tesla-418 418.87.01-1
Control: retitle -4 nvidia-graphics-drivers-tesla-418: CVE-2024-0074,
CVE-2022-42265, CVE-2024-0078
Control: tag -4 + wontfix
Control: reassign -5 src:nvidia-graphics-drivers-tesla-450 450.51.05-1
Control: retitle -5 nvidia-graphics-drivers-tesla-450: CVE-2024-0074,
CVE-2022-42265, CVE-2024-0078
Control: tag -5 + wontfix
Control: close -5 450.248.02-4
Control: reassign -6 src:nvidia-graphics-drivers-tesla-460 460.32.03-1
Control: retitle -6 nvidia-graphics-drivers-tesla-460: CVE-2024-0074,
CVE-2022-42265, CVE-2024-0078
Control: tag -6 + wontfix
Control: close -6 460.106.00-3
Control: reassign -7 src:nvidia-graphics-drivers-tesla-470 470.57.02-1
Control: retitle -7 nvidia-graphics-drivers-tesla-470: CVE-2024-0074,
CVE-2022-42265, CVE-2024-0078
Control: reassign -8 src:nvidia-graphics-drivers-tesla 510.85.02-1
Control: retitle -8 nvidia-graphics-drivers-tesla: CVE-2024-0074,
CVE-2024-0075, CVE-2024-0078
Control: found -8 515.48.07-1
Control: found -8 525.60.13-1
Control: tag -8 + wontfix
Control: close -8 525.147.05-6
Control: reassign -9 src:nvidia-open-gpu-kernel-modules 515.43.04-1
Control: retitle -9 nvidia-open-gpu-kernel-modules: CVE-2024-0074,
CVE-2024-0075, CVE-2024-0078
Control: found -9 520.56.06-1
Control: found -9 525.85.12-1
Control: found -9 530.30.02-1
Control: found -9 535.43.02-1
Control: found -9 545.23.06-1
Control: found -9 550.40.07-1
Control: found -1 340.24-1
Control: found -1 343.22-1
Control: found -1 396.18-1
Control: found -1 430.14-1
Control: found -1 455.23.04-1
Control: found -1 465.24.02-1
Control: found -1 495.44-1
Control: found -1 515.48.07-1
Control: found -1 520.56.06-1
Control: found -1 525.53-1
Control: found -1 530.30.02-1
Control: found -1 535.43.02-1
Control: found -1 545.23.06-1
Control: found -1 550.40.07-1
Control: fixed -7 470.239.06-1
https://nvidia.custhelp.com/app/answers/detail/a_id/5520
CVE-2024-0074 NVIDIA GPU Display Driver for Linux contains a
vulnerability where an attacker may access a memory location after the
end of the buffer. A successful exploit of this vulnerability may lead
to denial of service and data tampering.
CVE-2024-0075 NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability where a user may cause a NULL-pointer dereference by
accessing passed parameters the validity of which has not been checked.
A successful exploit of this vulnerability may lead to denial of service
and limited information disclosure.
CVE-2024-0078 NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer, where a user in a guest can
cause a NULL-pointer dereference in the host, which may lead to denial
of service.
CVE-2022-42265 NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer handler, where an unprivileged
regular user can cause integer overflow, which may lead to denial of
service, information disclosure, and data tampering.
Linux Driver Branch CVE IDs Addressed
R550, R545, R535 CVE-2024-0074, CVE-2024-0075
R470 CVE-2024-0074, CVE-2022-42265
Driver Branch Affected Driver Versions Updated Driver
Version
R550 All driver versions prior to 550.54.14 550.54.14
R535 All driver versions prior to 535.161.07 535.161.07
R470 All driver versions prior to 470.239.06 470.239.06
R470 All driver versions prior to 470.223.02 470.223.02
Security Updates for NVIDIA vGPU Software
Security Updates for NVIDIA Cloud Gaming
Linux Driver Branch CVE IDs Addressed
R535 CVE-2024-0074, CVE-2024-0075, CVE-2024-0078
R470 CVE-2024-0074, CVE-2024-0078, CVE-2022-42265
Andreas
--- End Message ---
--- Begin Message ---
Source: nvidia-graphics-drivers
Source-Version: 535.161.07-1
Done: Andreas Beckmann <a...@debian.org>
We believe that the bug you reported is fixed in the latest version of
nvidia-graphics-drivers, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 1064...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Andreas Beckmann <a...@debian.org> (supplier of updated nvidia-graphics-drivers
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Fri, 22 Mar 2024 23:44:46 +0100
Source: nvidia-graphics-drivers
Architecture: source
Version: 535.161.07-1
Distribution: experimental
Urgency: medium
Maintainer: Debian NVIDIA Maintainers <pkg-nvidia-de...@lists.alioth.debian.org>
Changed-By: Andreas Beckmann <a...@debian.org>
Closes: 1064983
Changes:
nvidia-graphics-drivers (535.161.07-1) experimental; urgency=medium
.
* New upstream LTS and Tesla branch release 535.161.07 (2024-02-22).
* Fixed CVE-2024-0074, CVE-2024-0075, CVE-2024-0078. (Closes: #1064983)
https://nvidia.custhelp.com/app/answers/detail/a_id/5520
* Improved compatibility with recent Linux kernels.
.
[ Andreas Beckmann ]
* Refresh patches.
* Update nv-readme.ids.
Checksums-Sha1:
8b03ba5c7a5d552538221dd3270c346b78ec6f5c 7896
nvidia-graphics-drivers_535.161.07-1.dsc
976f7c6fa525511a2f0b2fd9b380e77ab3b3385f 340345509
nvidia-graphics-drivers_535.161.07.orig-amd64.tar.gz
1b76245cfc66b994b8025a3fbc297251b3c9c8e0 269311958
nvidia-graphics-drivers_535.161.07.orig-arm64.tar.gz
fec4fbed28fb3b9853f92a335033873e444de127 96367863
nvidia-graphics-drivers_535.161.07.orig-ppc64el.tar.gz
f52798b90f8bd918901ebdf98db8ff193db08734 141
nvidia-graphics-drivers_535.161.07.orig.tar.gz
0b855340c79d55a1893aa3a26b7435f68da8bac0 225424
nvidia-graphics-drivers_535.161.07-1.debian.tar.xz
fe7e7fc6379e9b6f4eb256ba223135df2f5f3ed2 5728
nvidia-graphics-drivers_535.161.07-1_source.buildinfo
Checksums-Sha256:
bc043730439477109ee04b189d9ceca91597da86dbd588f647f9aad8b4111ec8 7896
nvidia-graphics-drivers_535.161.07-1.dsc
2ce91b0ad1703b247dfce0f30455c2195993d612dc816d7fc3cf11c85df4f789 340345509
nvidia-graphics-drivers_535.161.07.orig-amd64.tar.gz
5a53e172c4cd6e24d90c4a61d4c8bb596bd756e47a649cb6a87309a992caaf6b 269311958
nvidia-graphics-drivers_535.161.07.orig-arm64.tar.gz
b4617a73f2590461fe6db66d935f8f2aa90f898881e3ed5becb47735b5c166b9 96367863
nvidia-graphics-drivers_535.161.07.orig-ppc64el.tar.gz
d6275cc220d18fdbfba8b9e5f9601022c956cfd21b7c8924543fdd7bfb2240bd 141
nvidia-graphics-drivers_535.161.07.orig.tar.gz
3a7761a3d819476d68265de97ba2a27d8d859061167827e9767a393c69dda853 225424
nvidia-graphics-drivers_535.161.07-1.debian.tar.xz
33f5124cabc6e603e915ff9ee79c4017791c6a6bd7eef5996e5f858a90cc1eae 5728
nvidia-graphics-drivers_535.161.07-1_source.buildinfo
Files:
37c1abc0dd15414d8a623d5bd29e9a11 7896 non-free/libs optional
nvidia-graphics-drivers_535.161.07-1.dsc
c456693f83c82f4765adf98c760b7702 340345509 non-free/libs optional
nvidia-graphics-drivers_535.161.07.orig-amd64.tar.gz
e8443e763a34d0535c796cd675d7604a 269311958 non-free/libs optional
nvidia-graphics-drivers_535.161.07.orig-arm64.tar.gz
f861fc8cf5c7263946fcf0cfbffe4dae 96367863 non-free/libs optional
nvidia-graphics-drivers_535.161.07.orig-ppc64el.tar.gz
209173f83ef82826fd77d816d375fdfe 141 non-free/libs optional
nvidia-graphics-drivers_535.161.07.orig.tar.gz
858fdd38e3bac57e5499d19ed5d7dbbc 225424 non-free/libs optional
nvidia-graphics-drivers_535.161.07-1.debian.tar.xz
2b08f20e0139f4c983794771cc7d7428 5728 non-free/libs optional
nvidia-graphics-drivers_535.161.07-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJEBAEBCAAuFiEE6/MKMKjZxjvaRMaUX7M/k1np7QgFAmX+C9IQHGFuYmVAZGVi
aWFuLm9yZwAKCRBfsz+TWentCM05EACBnvdKt1vDtTPnMoCpLPKvcn10SuB6dPFv
mpbiWtj/Ovn3nvECSZ3Luqs8/4o+tf9FOv+t7DF1K3l0YAgT59qcd2IYtUUlcvHg
qQlQ5D0Sc3xvviZMUZbrYWDuAmCaeDE9yDglBwVTUP6/XOPWYg+5O1IZMFjMyAYr
6v5JeXHPIHRpViTBdtyLp4mm2NjH499Upf4Ozc3C9uCTBXRNnL9DecrPsziK3MnM
Fpe/ouiZV2qu3AqfqhOh6jlKra/b3rRtNUceAENvxZW+9y+VFc3KT+CSppib9asS
OnH94sxkuwbah66AKWXln9gl/IxucwVkcnUg+te3b09Hupb1+/lxB/ojmmhDj9E8
eutWuIkjZNt/6kaHv7Lo//aG3ftEHEc+JkV+p0khRdIEcLJx8LObezmnUANoi9lb
HvBNUMrh5YBPdl8wzTR10cXkrXGmzTjEV5iI3E+wv47N5Yg3+LujsjS8Sc33puSc
p7vDU53//Vk/F7/cn38qjazQGW5RF3AciS7D0OlhMxlBpelSccb9XCb28/LG121B
xqG8BUAcmbADSO5fOic+jP9jM33kZnoqjxpg7MTkbsKeZ/UAzkful0iVuZBydzRq
R3yHlIXbr3bX3I7icfeMHJN0c5TneglGlqMZFkD9CLsYJeabY5yqqHVmTITUZtJ1
45/xxkrRAw==
=6AJT
-----END PGP SIGNATURE-----
pgpUceRe0rytU.pgp
Description: PGP signature
--- End Message ---
