Your message dated Thu, 22 May 2025 06:34:18 +0000
with message-id <[email protected]>
and subject line Bug#1093916: fixed in nvidia-open-gpu-kernel-modules
550.144.03-1
has caused the Debian Bug report #1093916,
regarding nvidia-open-gpu-kernel-modules: CVE-2024-0131, CVE-2024-0147,
CVE-2024-0149, CVE-2024-0150
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1093916: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1093916
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: nvidia-graphics-drivers
Severity: serious
Tags: security upstream
X-Debbugs-Cc: Debian Security Team <[email protected]>
Control: clone -1 -2 -3 -4 -5 -6 -7 -8 -9 -10
Control: reassign -2 src:nvidia-graphics-drivers-legacy-340xx 340.76-6
Control: retitle -2 nvidia-graphics-drivers-legacy-340xx: CVE-2024-0131,
CVE-2024-0147, CVE-2024-0149, CVE-2024-0150
Control: tag -2 + wontfix
Control: reassign -3 src:nvidia-graphics-drivers-legacy-390xx 390.48-4
Control: retitle -3 nvidia-graphics-drivers-legacy-390xx: CVE-2024-0131,
CVE-2024-0147, CVE-2024-0149, CVE-2024-0150
Control: tag -3 + wontfix
Control: reassign -4 src:nvidia-graphics-drivers-tesla-418 418.87.01-1
Control: retitle -4 nvidia-graphics-drivers-tesla-418: CVE-2024-0131,
CVE-2024-0147, CVE-2024-0149, CVE-2024-0150
Control: tag -4 + wontfix
Control: reassign -5 src:nvidia-graphics-drivers-tesla-450 450.51.05-1
Control: retitle -5 nvidia-graphics-drivers-tesla-450: CVE-2024-0131,
CVE-2024-0147, CVE-2024-0149, CVE-2024-0150
Control: tag -5 + wontfix
Control: close -5 450.248.02-4
Control: reassign -6 src:nvidia-graphics-drivers-tesla-460 460.32.03-1
Control: retitle -6 nvidia-graphics-drivers-tesla-460: CVE-2024-0131,
CVE-2024-0147, CVE-2024-0149, CVE-2024-0150
Control: tag -6 + wontfix
Control: close -6 460.106.00-3
Control: reassign -7 src:nvidia-graphics-drivers-tesla-470 470.57.02-1
Control: retitle -7 nvidia-graphics-drivers-tesla-470: CVE-2024-0131,
CVE-2024-0147, CVE-2024-0149, CVE-2024-0150
Control: tag -7 + wontfix
Control: severity -7 important
Control: reassign -8 src:nvidia-graphics-drivers-tesla 510.85.02-1
Control: retitle -8 nvidia-graphics-drivers-tesla: CVE-2024-0131,
CVE-2024-0147, CVE-2024-0149, CVE-2024-0150
Control: found -8 515.48.07-1
Control: found -8 525.60.13-1
Control: tag -8 + wontfix
Control: close -8 525.147.05-6
Control: reassign -9 src:nvidia-open-gpu-kernel-modules 515.43.04-1
Control: retitle -9 nvidia-open-gpu-kernel-modules: CVE-2024-0131,
CVE-2024-0147, CVE-2024-0149, CVE-2024-0150
Control: found -9 520.56.06-1
Control: found -9 525.85.12-1
Control: found -9 530.30.02-1
Control: found -9 535.43.02-1
Control: found -9 545.23.06-1
Control: found -9 550.40.07-1
Control: found -9 555.42.02-1
Control: found -9 560.28.03-1
Control: found -9 565.57.01-1
Control: reassign -10 src:nvidia-graphics-drivers-tesla-535 535.216.01-1
Control: retitle -10 nvidia-graphics-drivers-tesla-535: CVE-2024-0131,
CVE-2024-0147, CVE-2024-0149, CVE-2024-0150
Control: found -1 340.24-1
Control: found -1 343.22-1
Control: found -1 396.18-1
Control: found -1 430.14-1
Control: found -1 455.23.04-1
Control: found -1 465.24.02-1
Control: found -1 495.44-1
Control: found -1 515.48.07-1
Control: found -1 520.56.06-1
Control: found -1 525.53-1
Control: found -1 530.30.02-1
Control: found -1 535.43.02-1
Control: found -1 545.23.06-1
Control: found -1 550.40.07-1
Control: found -1 555.42.02-1
Control: found -1 560.28.03-1
Control: found -1 565.57.01-1
https://nvidia.custhelp.com/app/answers/detail/a_id/5614
CVE-2024-0150 NVIDIA GPU display driver for Windows and Linux contains
a vulnerability where data is written past the end or before the
beginning of a buffer. A successful exploit of this vulnerability might
lead to information disclosure, denial of service, or data tampering.
CVE-2024-0147 NVIDIA GPU display driver for Windows and Linux contains
a vulnerability where referencing memory after it has been freed can
lead to denial of service or data tampering.
CVE-2024-53869 NVIDIA Unified Memory driver for Linux contains a
vulnerability where an attacker could leak uninitialized memory. A
successful exploit of this vulnerability might lead to information
disclosure.
CVE-2024-0131 NVIDIA GPU kernel driver for Windows and Linux contains
a vulnerability where a potential user-mode attacker could read a
buffer with an incorrect length. A successful exploit of this
vulnerability might lead to denial of service.
CVE-2024-0149 NVIDIA GPU Display Driver for Linux contains a
vulnerability which could allow an attacker unauthorized access to
files. A successful exploit of this vulnerability might lead to limited
information disclosure.
Linux Driver Branch CVEs Addressed
R550 CVE-2024-0131, CVE-2024-0147, CVE-2024-0149,
CVE-2024-0150, CVE-2024-53869
R535 CVE-2024-0131, CVE-2024-0147, CVE-2024-0149,
CVE-2024-0150
Driver Branch Affected Driver Versions Updated Driver
Version
R550 All driver versions prior to 550.144.03 550.144.03
R535 All driver versions prior to 535.230.02 535.230.02
Andreas
--- End Message ---
--- Begin Message ---
Source: nvidia-open-gpu-kernel-modules
Source-Version: 550.144.03-1
Done: Andreas Beckmann <[email protected]>
We believe that the bug you reported is fixed in the latest version of
nvidia-open-gpu-kernel-modules, which is due to be installed in the Debian FTP
archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Andreas Beckmann <[email protected]> (supplier of updated
nvidia-open-gpu-kernel-modules package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 22 May 2025 08:05:14 +0200
Source: nvidia-open-gpu-kernel-modules
Architecture: source
Version: 550.144.03-1
Distribution: unstable
Urgency: medium
Maintainer: Debian NVIDIA Maintainers <[email protected]>
Changed-By: Andreas Beckmann <[email protected]>
Closes: 1093916
Changes:
nvidia-open-gpu-kernel-modules (550.144.03-1) unstable; urgency=medium
.
* New upstream production and Tesla branch release 550.144.03 (2025-01-16).
* Fixed CVE-2024-0150, CVE-2024-0147, CVE-2024-53869, CVE-2024-0131,
CVE-2024-0149. (Closes: #1093916)
https://nvidia.custhelp.com/app/answers/detail/a_id/5614
* New upstream production branch release 550.142 (2024-12-17).
* Sync with src:nvidia-graphics-drivers.
* Upload to unstable.
Checksums-Sha1:
75858901a39f77bd632afda3ac2d9cd49d5137a7 2681
nvidia-open-gpu-kernel-modules_550.144.03-1.dsc
b300d72c323a0fd419ceb2510e4f7021267deca5 13544304
nvidia-open-gpu-kernel-modules_550.144.03.orig.tar.xz
1573b17445e53e51982a43b14658dff2926a02dd 29576
nvidia-open-gpu-kernel-modules_550.144.03-1.debian.tar.xz
13eb0f60b9b44d8e9ce0d907a4e4bc26880bfa53 5538
nvidia-open-gpu-kernel-modules_550.144.03-1_source.buildinfo
Checksums-Sha256:
ca90773315508dcac479674a644923d7fce9d9c145148934761552eb42e92039 2681
nvidia-open-gpu-kernel-modules_550.144.03-1.dsc
33f5ef9723cfe0022b9537cd9bc8e88f926fe0751ee555e148b2c52688d49027 13544304
nvidia-open-gpu-kernel-modules_550.144.03.orig.tar.xz
7c9204e55843c5e9c0828df9396cba26144917f01f663f37cbf4ba8872a1c961 29576
nvidia-open-gpu-kernel-modules_550.144.03-1.debian.tar.xz
ce37d4a59aacc150001fafbe1a045eb8ae65e5cb07e65588924ab5abc3e3c2a5 5538
nvidia-open-gpu-kernel-modules_550.144.03-1_source.buildinfo
Files:
b654645c62b9a9ead0dd89141c26e3cc 2681 contrib/kernel optional
nvidia-open-gpu-kernel-modules_550.144.03-1.dsc
50ad19e43061d4760f12684a1ba11576 13544304 contrib/kernel optional
nvidia-open-gpu-kernel-modules_550.144.03.orig.tar.xz
730ab8d26abf35e0581239e971e9b9db 29576 contrib/kernel optional
nvidia-open-gpu-kernel-modules_550.144.03-1.debian.tar.xz
8d20549f4c549b386c3cbd63727fd52f 5538 contrib/kernel optional
nvidia-open-gpu-kernel-modules_550.144.03-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJEBAEBCAAuFiEE6/MKMKjZxjvaRMaUX7M/k1np7QgFAmguwicQHGFuYmVAZGVi
aWFuLm9yZwAKCRBfsz+TWentCAlvEACB/+VY4wz16ZAJanuKotWHmuva7lWOeGuK
9XrK4AfRfaZM0SAWlcGxDUwzSE8vc50iSSjWuDebOpN7N7LdOON0BQaHQgqQ4Qwe
CH6WnKPpqagzww+limRbRwWHdUtNns/SNuFmbZZvp5qj4+/5SShMgF9CFXTAvZ2f
47fsoG0lWKTYSB283N04UgSDzp5XUVyb0P4y8cUnjzrL4+QiE/w981jxJYQmvBXC
OBQC7J3Ghalzfb8p6rrJlrZ9nyUWDuEtjG4mCnGdkQrC6Co4W4FMmPaC8w1t7Ku0
qwSYcAWj/xVPe3UAJHRETwBXLlSTpKTnLVq06Z9zCdJVf7mX9nKGwUSmvelJ+Osa
FLs6F+mdWzTYQKhQKlf5XXULGbwEmrOnEY4sPDatj2hu9eAnXVxJrVvZEo8w7KeT
vCs8ABsTZGDVrxmjt78jEso+H1KG6E6MXoYYxZI/ipYawg83drUpJ+Y884gV/TJW
wp8RruCcmgNbzQjO9AKkYdM5ayz+m6pJRXbQCiwdi7j4zxFLDlHvLgdTCHAHhuOg
tMGRyAzNJbOGFnkrG9vEzaTwiGTVZXQfz0qnzZlR2NnZdsYC9e6hWGN30vWzzT0Y
NDTP34zgPK77cI9eU2f22t6OwgaJpQaVGs2VUMgDWTg2UM3erksNyJ9gDrJeed94
c5YcM3KikA==
=jzTO
-----END PGP SIGNATURE-----
pgpiUfYHTIGrr.pgp
Description: PGP signature
--- End Message ---
