Bug#1064989: marked as done (nvidia-graphics-drivers-tesla-470: CVE-2024-0074, CVE-2022-42265, CVE-2024-0078)
Your message dated Sun, 05 May 2024 19:18:20 + with message-id and subject line Bug#1064989: fixed in nvidia-graphics-drivers-tesla-470 470.239.06-1~deb11u1 has caused the Debian Bug report #1064989, regarding nvidia-graphics-drivers-tesla-470: CVE-2024-0074, CVE-2022-42265, CVE-2024-0078 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1064989: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064989 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: nvidia-graphics-drivers Severity: serious Tags: security upstream X-Debbugs-Cc: Debian Security Team Control: clone -1 -2 -3 -4 -5 -6 -7 -8 -9 Control: reassign -2 src:nvidia-graphics-drivers-legacy-340xx 340.76-6 Control: retitle -2 nvidia-graphics-drivers-legacy-340xx: CVE-2024-0074, CVE-2022-42265, CVE-2024-0078 Control: tag -2 + wontfix Control: reassign -3 src:nvidia-graphics-drivers-legacy-390xx 390.48-4 Control: retitle -3 nvidia-graphics-drivers-legacy-390xx: CVE-2024-0074, CVE-2022-42265, CVE-2024-0078 Control: tag -3 + wontfix Control: reassign -4 src:nvidia-graphics-drivers-tesla-418 418.87.01-1 Control: retitle -4 nvidia-graphics-drivers-tesla-418: CVE-2024-0074, CVE-2022-42265, CVE-2024-0078 Control: tag -4 + wontfix Control: reassign -5 src:nvidia-graphics-drivers-tesla-450 450.51.05-1 Control: retitle -5 nvidia-graphics-drivers-tesla-450: CVE-2024-0074, CVE-2022-42265, CVE-2024-0078 Control: tag -5 + wontfix Control: close -5 450.248.02-4 Control: reassign -6 src:nvidia-graphics-drivers-tesla-460 460.32.03-1 Control: retitle -6 nvidia-graphics-drivers-tesla-460: CVE-2024-0074, CVE-2022-42265, CVE-2024-0078 Control: tag -6 + wontfix Control: close -6 460.106.00-3 Control: reassign -7 src:nvidia-graphics-drivers-tesla-470 470.57.02-1 Control: retitle -7 nvidia-graphics-drivers-tesla-470: CVE-2024-0074, CVE-2022-42265, CVE-2024-0078 Control: reassign -8 src:nvidia-graphics-drivers-tesla 510.85.02-1 Control: retitle -8 nvidia-graphics-drivers-tesla: CVE-2024-0074, CVE-2024-0075, CVE-2024-0078 Control: found -8 515.48.07-1 Control: found -8 525.60.13-1 Control: tag -8 + wontfix Control: close -8 525.147.05-6 Control: reassign -9 src:nvidia-open-gpu-kernel-modules 515.43.04-1 Control: retitle -9 nvidia-open-gpu-kernel-modules: CVE-2024-0074, CVE-2024-0075, CVE-2024-0078 Control: found -9 520.56.06-1 Control: found -9 525.85.12-1 Control: found -9 530.30.02-1 Control: found -9 535.43.02-1 Control: found -9 545.23.06-1 Control: found -9 550.40.07-1 Control: found -1 340.24-1 Control: found -1 343.22-1 Control: found -1 396.18-1 Control: found -1 430.14-1 Control: found -1 455.23.04-1 Control: found -1 465.24.02-1 Control: found -1 495.44-1 Control: found -1 515.48.07-1 Control: found -1 520.56.06-1 Control: found -1 525.53-1 Control: found -1 530.30.02-1 Control: found -1 535.43.02-1 Control: found -1 545.23.06-1 Control: found -1 550.40.07-1 Control: fixed -7 470.239.06-1 https://nvidia.custhelp.com/app/answers/detail/a_id/5520 CVE-2024-0074 NVIDIA GPU Display Driver for Linux contains a vulnerability where an attacker may access a memory location after the end of the buffer. A successful exploit of this vulnerability may lead to denial of service and data tampering. CVE-2024-0075 NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where a user may cause a NULL-pointer dereference by accessing passed parameters the validity of which has not been checked. A successful exploit of this vulnerability may lead to denial of service and limited information disclosure. CVE-2024-0078 NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a user in a guest can cause a NULL-pointer dereference in the host, which may lead to denial of service. CVE-2022-42265 NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged regular user can cause integer overflow, which may lead to denial of service, information disclosure, and data tampering. Linux Driver Branch CVE IDs Addressed R550, R545, R535CVE-2024-0074, CVE-2024-0075 R470CVE-2024-0074, CVE-2022-42265 Driver Branch Affected Driver VersionsUpdated Driver Version R550All driver versions prior to 550.54.14 550.54.14 R535All driver versions prior to 535.161.07 535.161.07 R470All driver versions prior to 470.239.06 470.239.06 R470All driver versions prior to 470.223.02 470.223.02 Securi
Bug#1064989: marked as done (nvidia-graphics-drivers-tesla-470: CVE-2024-0074, CVE-2022-42265, CVE-2024-0078)
Your message dated Mon, 25 Mar 2024 19:18:16 + with message-id and subject line Bug#1064989: fixed in nvidia-graphics-drivers-tesla-470 470.239.06-1~deb12u1 has caused the Debian Bug report #1064989, regarding nvidia-graphics-drivers-tesla-470: CVE-2024-0074, CVE-2022-42265, CVE-2024-0078 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1064989: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064989 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: nvidia-graphics-drivers Severity: serious Tags: security upstream X-Debbugs-Cc: Debian Security Team Control: clone -1 -2 -3 -4 -5 -6 -7 -8 -9 Control: reassign -2 src:nvidia-graphics-drivers-legacy-340xx 340.76-6 Control: retitle -2 nvidia-graphics-drivers-legacy-340xx: CVE-2024-0074, CVE-2022-42265, CVE-2024-0078 Control: tag -2 + wontfix Control: reassign -3 src:nvidia-graphics-drivers-legacy-390xx 390.48-4 Control: retitle -3 nvidia-graphics-drivers-legacy-390xx: CVE-2024-0074, CVE-2022-42265, CVE-2024-0078 Control: tag -3 + wontfix Control: reassign -4 src:nvidia-graphics-drivers-tesla-418 418.87.01-1 Control: retitle -4 nvidia-graphics-drivers-tesla-418: CVE-2024-0074, CVE-2022-42265, CVE-2024-0078 Control: tag -4 + wontfix Control: reassign -5 src:nvidia-graphics-drivers-tesla-450 450.51.05-1 Control: retitle -5 nvidia-graphics-drivers-tesla-450: CVE-2024-0074, CVE-2022-42265, CVE-2024-0078 Control: tag -5 + wontfix Control: close -5 450.248.02-4 Control: reassign -6 src:nvidia-graphics-drivers-tesla-460 460.32.03-1 Control: retitle -6 nvidia-graphics-drivers-tesla-460: CVE-2024-0074, CVE-2022-42265, CVE-2024-0078 Control: tag -6 + wontfix Control: close -6 460.106.00-3 Control: reassign -7 src:nvidia-graphics-drivers-tesla-470 470.57.02-1 Control: retitle -7 nvidia-graphics-drivers-tesla-470: CVE-2024-0074, CVE-2022-42265, CVE-2024-0078 Control: reassign -8 src:nvidia-graphics-drivers-tesla 510.85.02-1 Control: retitle -8 nvidia-graphics-drivers-tesla: CVE-2024-0074, CVE-2024-0075, CVE-2024-0078 Control: found -8 515.48.07-1 Control: found -8 525.60.13-1 Control: tag -8 + wontfix Control: close -8 525.147.05-6 Control: reassign -9 src:nvidia-open-gpu-kernel-modules 515.43.04-1 Control: retitle -9 nvidia-open-gpu-kernel-modules: CVE-2024-0074, CVE-2024-0075, CVE-2024-0078 Control: found -9 520.56.06-1 Control: found -9 525.85.12-1 Control: found -9 530.30.02-1 Control: found -9 535.43.02-1 Control: found -9 545.23.06-1 Control: found -9 550.40.07-1 Control: found -1 340.24-1 Control: found -1 343.22-1 Control: found -1 396.18-1 Control: found -1 430.14-1 Control: found -1 455.23.04-1 Control: found -1 465.24.02-1 Control: found -1 495.44-1 Control: found -1 515.48.07-1 Control: found -1 520.56.06-1 Control: found -1 525.53-1 Control: found -1 530.30.02-1 Control: found -1 535.43.02-1 Control: found -1 545.23.06-1 Control: found -1 550.40.07-1 Control: fixed -7 470.239.06-1 https://nvidia.custhelp.com/app/answers/detail/a_id/5520 CVE-2024-0074 NVIDIA GPU Display Driver for Linux contains a vulnerability where an attacker may access a memory location after the end of the buffer. A successful exploit of this vulnerability may lead to denial of service and data tampering. CVE-2024-0075 NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where a user may cause a NULL-pointer dereference by accessing passed parameters the validity of which has not been checked. A successful exploit of this vulnerability may lead to denial of service and limited information disclosure. CVE-2024-0078 NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a user in a guest can cause a NULL-pointer dereference in the host, which may lead to denial of service. CVE-2022-42265 NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged regular user can cause integer overflow, which may lead to denial of service, information disclosure, and data tampering. Linux Driver Branch CVE IDs Addressed R550, R545, R535CVE-2024-0074, CVE-2024-0075 R470CVE-2024-0074, CVE-2022-42265 Driver Branch Affected Driver VersionsUpdated Driver Version R550All driver versions prior to 550.54.14 550.54.14 R535All driver versions prior to 535.161.07 535.161.07 R470All driver versions prior to 470.239.06 470.239.06 R470All driver versions prior to 470.223.02 470.223.02 Securi