Bug#979672: marked as done (nvidia-graphics-drivers-legacy-390xx: CVE-2021-1056)

Sat, 30 Jan 2021 14:48:33 -0800 

Your message dated Sat, 30 Jan 2021 22:47:09 +0000
with message-id <e1l5z1j-000bos...@fasolo.debian.org>
and subject line Bug#979672: fixed in nvidia-graphics-drivers-legacy-390xx 
390.141-2~deb10u1
has caused the Debian Bug report #979672,
regarding nvidia-graphics-drivers-legacy-390xx: CVE-2021-1056
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
979672: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979672
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message --- 
Source: nvidia-graphics-drivers
Severity: serious
Tags: security upstream
Control: clone -1 -2 -3 -4 -5 -6
Control: reassign -2 src:nvidia-graphics-drivers-legacy-340xx
Control: retitle -2 nvidia-graphics-drivers-legacy-340xx: CVE‑2021‑1056
Control: reassign -3 src:nvidia-graphics-drivers-legacy-390xx
Control: retitle -3 nvidia-graphics-drivers-legacy-390xx: CVE‑2021‑1056
Control: reassign -4 src:nvidia-graphics-drivers-tesla-418
Control: retitle -4 nvidia-graphics-drivers-tesla-418: CVE‑2021‑1056
Control: reassign -5 src:nvidia-graphics-drivers-tesla-440
Control: retitle -5 nvidia-graphics-drivers-tesla-440: CVE‑2021‑1056
Control: reassign -6 src:nvidia-graphics-drivers-tesla-450
Control: retitle -6 nvidia-graphics-drivers-tesla-450: CVE‑2021‑1052, 
CVE‑2021‑1053, CVE‑2021‑1056
Control: found -1 340.24-1
Control: found -1 343.22-1
Control: found -1 396.18-1
Control: found -1 430.14-1
Control: found -1 450.51-1
Control: found -1 455.23.04-1

https://nvidia.custhelp.com/app/answers/detail/a_id/5142

CVE‑2021‑1052   NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for
DxgkDdiEscape or IOCTL in which user-mode clients can access legacy
privileged APIs, which may lead to denial of service, escalation of
privileges, and information disclosure.

CVE‑2021‑1053   NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for
DxgkDdiEscape or IOCTL in which improper validation of a user pointer
may lead to denial of service.

CVE‑2021‑1056   NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer (nvidia.ko) in which it does not
completely honor operating system file system permissions to provide
GPU device-level isolation, which may lead to denial of service or
information disclosure.

CVE‑2021‑1052 and CVE‑2021‑1053 affect R460 and R450 driver branches only.


Andreas

--- End Message ---
--- Begin Message --- 
Source: nvidia-graphics-drivers-legacy-390xx
Source-Version: 390.141-2~deb10u1
Done: Andreas Beckmann <a...@debian.org>

We believe that the bug you reported is fixed in the latest version of
nvidia-graphics-drivers-legacy-390xx, which is due to be installed in the 
Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 979...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Andreas Beckmann <a...@debian.org> (supplier of updated 
nvidia-graphics-drivers-legacy-390xx package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sat, 23 Jan 2021 18:04:20 +0100
Source: nvidia-graphics-drivers-legacy-390xx
Architecture: source
Version: 390.141-2~deb10u1
Distribution: buster
Urgency: medium
Maintainer: Debian NVIDIA Maintainers <pkg-nvidia-de...@lists.alioth.debian.org>
Changed-By: Andreas Beckmann <a...@debian.org>
Closes: 969085 969755 969889 969894 970093 970390 972468 972511 979672
Changes:
 nvidia-graphics-drivers-legacy-390xx (390.141-2~deb10u1) buster; urgency=medium
 .
   * Rebuild for buster.
 .
 nvidia-graphics-drivers-legacy-390xx (390.141-2) unstable; urgency=medium
 .
   * Really re-enable building the nvidia-uvm module.
 .
 nvidia-graphics-drivers-legacy-390xx (390.141-1) unstable; urgency=medium
 .
   * New upstream legacy branch release 390.141 (2021-01-07).
     * Fixed CVE-2021-1056.  (Closes: #979672)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5142
     - Fixed a driver installation failure on Linux kernel 5.8 release
       candidates, where the NVIDIA kernel module failed to build with error
       "'struct mm_struct' has no member named 'mmap_sem'".
     - Fixed a driver installation failure on Linux kernel 5.8 release
       candidates, where the NVIDIA kernel module failed to build with error
       "too many arguments to function '__vmalloc'".
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Re-enable building the nvidia-uvm module.
   * Refresh patches.
   * Update glvnd symbols files.
   * Update lintian overrides.
 .
 nvidia-graphics-drivers-legacy-390xx (390.138-6) unstable; urgency=medium
 .
   * Backport drm_prime_pages_to_sg_has_drm_device_arg and get_dma_ops changes
     from 455.45.01 to fix kernel module build for Linux 5.10.
   * Bump watch file version to 4.
   * Bump Standards-Version to 4.5.1. No changes needed.
 .
 nvidia-graphics-drivers-legacy-390xx (390.138-5) unstable; urgency=medium
 .
   * Backport get_user_pages_remote, vga_tryget,
     drm_driver_has_gem_free_object, drm_display_mode_has_vrefresh,
     drm_driver_master_set_has_int_return_type and drm_gem_object_put_unlocked
     changes from 455.23.04 to fix kernel module build for Linux 5.9.
     (Closes: #972468, #972511)
 .
 nvidia-graphics-drivers-legacy-390xx (390.138-4) unstable; urgency=medium
 .
   * Do not break non-uvm architectures when disabling the uvm module.
     (Closes: #970390)
 .
 nvidia-graphics-drivers-legacy-390xx (390.138-3) unstable; urgency=medium
 .
   * Temporarily disable building the nvidia-uvm module.
     (Closes: #969085, #969755, #969889, #969894, #970093)
   * Update lintian overrides.
 .
 nvidia-graphics-drivers-legacy-390xx (390.138-2) unstable; urgency=medium
 .
   [ Andreas Beckmann ]
   * Allow alternative libnvidia-{tesla,legacy}-*-cfg1 packages to substitute
     libnvidia-cfg1 in third-party packages (450.57-2).
     - Add Provides: libnvidia-cfg.so.1 (= ${nvidia:Version}).
     - Generate alternative versioned dependency on libnvidia-cfg.so.1 through
       the symbols file.
   * Test that the patches can be applied to the module source (450.66-1).
   * nvidia-kernel-dkms: Ship with unapplied patches and apply the patches
     while building kernel modules (450.66-1).
   * Simplify generating the -source and -dkms packages (450.66-1).
   * Backport nv_vmalloc changes from 450.57
     and work around mmap_{sem=>lock} rename
     to fix kernel module build for Linux 5.8.  (Partly addresses #969085)
   * Update lintian overrides.
 .
   [ Vincent Cheng ]
   * Remove myself from Uploaders.
Checksums-Sha1:
 06eb7f3fbb8b5679a881885ca1362a21f68187b7 7630 
nvidia-graphics-drivers-legacy-390xx_390.141-2~deb10u1.dsc
 53f63ea54c960af1035b63ce05bac72d20b36ad0 175420 
nvidia-graphics-drivers-legacy-390xx_390.141-2~deb10u1.debian.tar.xz
 f9214878575f15a8c3616060ef0caf09aa48ffee 8045 
nvidia-graphics-drivers-legacy-390xx_390.141-2~deb10u1_source.buildinfo
Checksums-Sha256:
 0d986a1f9fc156e97df2de07c27b6cd6ca3ede37db5901709ca886d70afb2269 7630 
nvidia-graphics-drivers-legacy-390xx_390.141-2~deb10u1.dsc
 c764fcac2190363a8d0f91f1984e675c7bc757b9a23dd88d0d9a8e12187e2fb4 175420 
nvidia-graphics-drivers-legacy-390xx_390.141-2~deb10u1.debian.tar.xz
 05ab73f2c94fc2c1c23012d92df624ee511b051f720095588de6403ef342e2f3 8045 
nvidia-graphics-drivers-legacy-390xx_390.141-2~deb10u1_source.buildinfo
Files:
 01d9f94533c4389bb6d7819ff329ca63 7630 non-free/libs optional 
nvidia-graphics-drivers-legacy-390xx_390.141-2~deb10u1.dsc
 7c3423e2ce72bbda0f798fbd3beb4c55 175420 non-free/libs optional 
nvidia-graphics-drivers-legacy-390xx_390.141-2~deb10u1.debian.tar.xz
 1c2fa4746639c7e09ea7a144f85d293f 8045 non-free/libs optional 
nvidia-graphics-drivers-legacy-390xx_390.141-2~deb10u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJEBAEBCAAuFiEE6/MKMKjZxjvaRMaUX7M/k1np7QgFAmAMV/gQHGFuYmVAZGVi
aWFuLm9yZwAKCRBfsz+TWentCK8qD/sGx2adSACLkDwEQ5D62ixjGrgHDaEcnq9M
/lB2mQmDVkNuucnSWhnNagu1l9qSKf3i5JbPUuzUOzWkiYqiKoc7bkZHgwwXaQh7
KP2Xsipo3GSPFWenhwWMPB+bEphnY4nziWgUfYBAcWDRoLv+ldqgqsVaEjio9z0G
Ttwl075dv68A+lSc7P3hKndXmTX040f2tRdsrOpLLxjE/YyvcvD3m+gc07B7lw8F
eafvmvS0T6NXmDzeBkovOvY5QZAiBjDWq4l5Jy9sMkJqdMQginDCefc2eVCKmKSF
PpE6jU2HhT6S4QVzkv5MMB8a4dRUVSZsKqlUT2XeJfPqbSFXwRrgtw6rol9GCR5T
KTRegEYvqVzhj+s4/QCfGTNvY33Yo9HM+bh2t8XVYdF1aEGdgKjEClDz1Nawjesv
+gEh4RNarM5XzhGsRp9QktoBjROnSOg0BCTP//x+Y3JYjB0iDY+iSQZftI+GIGG4
C5Y0ACC47j9BBb//XWrSwG4TiQxjHUu8tBkRknDAz94vS/q4DkOFwOy9zPW83f7t
lAShDV5G/x3yz4v4F+1qHtAVV3cUID0PaPu3wkiDsCSGuiyhM1yreNwFBjF297L0
xcPqcamPCuXhsOazB67LC47YjlwZr9W3Z1jdu8X+gfX74zUqxZOJakR5n+WnVoVA
JBiCqPtqAw==
=9Vz9
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to