Your message dated Thu, 20 Jun 2024 18:32:32 +0000
with message-id <[email protected]>
and subject line Bug#1072800: fixed in nvidia-open-gpu-kernel-modules
535.183.01-1~deb12u1
has caused the Debian Bug report #1072800,
regarding nvidia-open-gpu-kernel-modules: CVE-2024-0090, CVE-2024-0091,
CVE-2024-0092
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1072800: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072800
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: nvidia-graphics-drivers
Severity: serious
Tags: security upstream
X-Debbugs-Cc: Debian Security Team <[email protected]>
Control: clone -1 -2 -3 -4 -5 -6 -7 -8 -9
Control: reassign -2 src:nvidia-graphics-drivers-legacy-340xx 340.76-6
Control: retitle -2 nvidia-graphics-drivers-legacy-340xx: CVE-2024-0090,
CVE-2024-0092
Control: tag -2 + wontfix
Control: reassign -3 src:nvidia-graphics-drivers-legacy-390xx 390.48-4
Control: retitle -3 nvidia-graphics-drivers-legacy-390xx: CVE-2024-0090,
CVE-2024-0092
Control: tag -3 + wontfix
Control: reassign -4 src:nvidia-graphics-drivers-tesla-418 418.87.01-1
Control: retitle -4 nvidia-graphics-drivers-tesla-418: CVE-2024-0090,
CVE-2024-0092
Control: tag -4 + wontfix
Control: reassign -5 src:nvidia-graphics-drivers-tesla-450 450.51.05-1
Control: retitle -5 nvidia-graphics-drivers-tesla-450: CVE-2024-0090,
CVE-2024-0092
Control: tag -5 + wontfix
Control: close -5 450.248.02-4
Control: reassign -6 src:nvidia-graphics-drivers-tesla-460 460.32.03-1
Control: retitle -6 nvidia-graphics-drivers-tesla-460: CVE-2024-0090,
CVE-2024-0092
Control: tag -6 + wontfix
Control: close -6 460.106.00-3
Control: reassign -7 src:nvidia-graphics-drivers-tesla-470 470.57.02-1
Control: retitle -7 nvidia-graphics-drivers-tesla-470: CVE-2024-0090,
CVE-2024-0092
Control: reassign -8 src:nvidia-graphics-drivers-tesla 510.85.02-1
Control: retitle -8 nvidia-graphics-drivers-tesla: CVE-2024-0090, CVE-2024-0092
Control: found -8 515.48.07-1
Control: found -8 525.60.13-1
Control: tag -8 + wontfix
Control: close -8 525.147.05-6
Control: reassign -9 src:nvidia-open-gpu-kernel-modules 515.43.04-1
Control: retitle -9 nvidia-open-gpu-kernel-modules: CVE-2024-0090,
CVE-2024-0091, CVE-2024-0092
Control: found -9 520.56.06-1
Control: found -9 525.85.12-1
Control: found -9 530.30.02-1
Control: found -9 535.43.02-1
Control: found -9 545.23.06-1
Control: found -9 550.40.07-1
Control: found -9 555.42.02-1
Control: found -1 340.24-1
Control: found -1 343.22-1
Control: found -1 396.18-1
Control: found -1 430.14-1
Control: found -1 455.23.04-1
Control: found -1 465.24.02-1
Control: found -1 495.44-1
Control: found -1 515.48.07-1
Control: found -1 520.56.06-1
Control: found -1 525.53-1
Control: found -1 530.30.02-1
Control: found -1 535.43.02-1
Control: found -1 545.23.06-1
Control: found -1 550.40.07-1
Control: found -1 555.42.02-1
https://nvidia.custhelp.com/app/answers/detail/a_id/5551
CVE-2024-0090 NVIDIA GPU driver for Windows and Linux contains a
vulnerability where a user can cause an out-of-bounds write. A
successful exploit of this vulnerability might lead to code execution,
denial of service, escalation of privileges, information disclosure, and
data tampering.
CVE-2024-0091 NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability where a user can cause an untrusted pointer dereference
by executing a driver API. A successful exploit of this vulnerability
might lead to denial of service, information disclosure, and data
tampering.
CVE-2024-0092 NVIDIA GPU Driver for Windows and Linux contains a
vulnerability where an improper check or improper handling of exception
conditions might lead to denial of service.
Linux Driver Branch CVE IDs Addressed
R555, R550 CVE-2024-0090, CVE-2024-0091, CVE-2024-0092
R535, R470 CVE-2024-0090, CVE-2024-0092
Driver Branch Affected Driver Versions Updated Driver
Version
R555 All driver versions prior to 555.52.04 555.52.04
R550 All driver versions prior to 550.90.07 550.90.07
R535 All driver versions prior to 535.183.01 535.183.01
R470 All driver versions prior to 470.256.02 470.256.02
Andreas
--- End Message ---
--- Begin Message ---
Source: nvidia-open-gpu-kernel-modules
Source-Version: 535.183.01-1~deb12u1
Done: Andreas Beckmann <[email protected]>
We believe that the bug you reported is fixed in the latest version of
nvidia-open-gpu-kernel-modules, which is due to be installed in the Debian FTP
archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Andreas Beckmann <[email protected]> (supplier of updated
nvidia-open-gpu-kernel-modules package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 19 Jun 2024 18:17:12 +0200
Source: nvidia-open-gpu-kernel-modules
Architecture: source
Version: 535.183.01-1~deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: Debian NVIDIA Maintainers <[email protected]>
Changed-By: Andreas Beckmann <[email protected]>
Closes: 1072800
Changes:
nvidia-open-gpu-kernel-modules (535.183.01-1~deb12u1) bookworm; urgency=medium
.
* Rebuild for bookworm.
.
nvidia-open-gpu-kernel-modules (535.183.01-1) unstable; urgency=medium
.
* New upstream LTS and Tesla branch release 535.183.01 (2024-06-04).
* Fixed CVE-2024-0090, CVE-2024-0092. (Closes: #1072800)
https://nvidia.custhelp.com/app/answers/detail/a_id/5551
* New upstream long term support branch release 535.179 (2024-05-09).
* New upstream long term support branch release 535.171.04 (2024-03-21).
* Sync with src:nvidia-graphics-drivers.
* Refresh patches.
Checksums-Sha1:
82eae1c81dbb3fcc7de4ae9342b4e56704403d27 2761
nvidia-open-gpu-kernel-modules_535.183.01-1~deb12u1.dsc
e97b5cd896821c4d0510e498045416711225ab71 20580
nvidia-open-gpu-kernel-modules_535.183.01-1~deb12u1.debian.tar.xz
af699d2cdbf6beb157be81839f2cc3eaaa4ad6b6 5878
nvidia-open-gpu-kernel-modules_535.183.01-1~deb12u1_source.buildinfo
Checksums-Sha256:
8007e68dce2ede96a97b4bbcd128db1e0f3298049736be29e929e61357ebc805 2761
nvidia-open-gpu-kernel-modules_535.183.01-1~deb12u1.dsc
86589861f92f0c9b23c9f4a5c4f3be4c87ff6d1b2f1c473f1d3408fef74e70b9 20580
nvidia-open-gpu-kernel-modules_535.183.01-1~deb12u1.debian.tar.xz
7ca14a47b7ebb52b07bc8ae24ffcf4e53405092f2b6b8bef47d493fdcb943268 5878
nvidia-open-gpu-kernel-modules_535.183.01-1~deb12u1_source.buildinfo
Files:
4555849717765a09895bfa87177f34c4 2761 contrib/kernel optional
nvidia-open-gpu-kernel-modules_535.183.01-1~deb12u1.dsc
04c65a187289c28f10a95941bbed05b7 20580 contrib/kernel optional
nvidia-open-gpu-kernel-modules_535.183.01-1~deb12u1.debian.tar.xz
f3ef34bb2716145cd9341edc0c9631f2 5878 contrib/kernel optional
nvidia-open-gpu-kernel-modules_535.183.01-1~deb12u1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJEBAEBCAAuFiEE6/MKMKjZxjvaRMaUX7M/k1np7QgFAmZzBY0QHGFuYmVAZGVi
aWFuLm9yZwAKCRBfsz+TWentCFf1D/oDvL07zjqpYo6RUKQKbVxTVZktgUTsTjC6
3OlDkJkCPZsyxvrlELJ1ubCZOMJA4O2kR3YoIgP5f32Bhbg1QpPkmLuCS7ENLK+W
s0DFQyeSS426lbrO5+DjMmED6UTrt1o4WW4WHL4EvxaalceLgZE25//oAqtmLURl
7mC0oVgtVra20YMzk7TlHPwl40nTJ/8zqj99r6MEbCxvyU2L0RMLMT5WVTFUBlM3
dlerDBshcLxZ7JtQgE+t+zAvPT4spqPzHIf/yI222XLh3L8Q+sKsaLxL71ZEVVR8
RK17FDorH5DN2f9O5J/hbGd4KEBLy6NyJwEUkN+Qad6tJ88zl30rQBsXFBDjBTGV
AdJVGDYb2d0jpg3HxW7QzFMWvyVE+dqHF35F4r7apmn+yKFrjXkrEGXaEqHhr6K2
nwUQ5EBgElQVHHKF/Xb8BbNtqtFmgR3jlxLPHOlf3jepQGFoF+p2cAt3a/EaupRb
mTEuBPtys1PWrpa8ImuyYWEbjLCuk2Q0Ih9+wHji8cV0Qcst9cTk7NBvoFo/8ofk
eP8TLimCwGdUXm45e5aq4ae8nt1NtHaIGdbP1d8aIuiH94JceqqG7Q+ScOSjAf1q
AmuASmnzdUgKbGaCghL99woa3n1u5rySaNLxarIcWZn1P9nYAcOJRCJbiedkMlgV
DWs9+VDvnA==
=yt8X
-----END PGP SIGNATURE-----
pgpaT4s4beSit.pgp
Description: PGP signature
--- End Message ---