Bug#1016614: marked as done (nvidia-graphics-drivers: CVE-2022-31607, CVE-2022-31608, CVE-2022-31615)

Debian Bug Tracking System Sat, 03 Sep 2022 05:51:40 -0700

Your message dated Sat, 03 Sep 2022 12:49:15 +0000
with message-id <e1ousaj-00edai...@fasolo.debian.org>
and subject line Bug#1016614: fixed in nvidia-graphics-drivers-tesla-470 
470.141.03-1~deb11u1
has caused the Debian Bug report #1016614,
regarding nvidia-graphics-drivers: CVE-2022-31607, CVE-2022-31608, 
CVE-2022-31615
to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1016614: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016614
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Source: nvidia-graphics-drivers
Severity: serious
Tags: security upstream
Control: clone -1 -2 -3 -4 -5 -6 -7 -8
Control: reassign -2 src:nvidia-graphics-drivers-legacy-340xx 340.76-6
Control: retitle -2 nvidia-graphics-drivers-legacy-340xx: CVE-2022-31607, 
CVE-2022-31608, CVE-2022-31615
Control: tag -2 + wontfix
Control: reassign -3 src:nvidia-graphics-drivers-legacy-390xx 390.48-4
Control: retitle -3 nvidia-graphics-drivers-legacy-390xx: CVE-2022-31607, 
CVE-2022-31608, CVE-2022-31615
Control: reassign -4 src:nvidia-graphics-drivers-tesla-418 418.87.01-1
Control: retitle -4 nvidia-graphics-drivers-tesla-418: CVE-2022-31607, 
CVE-2022-31608, CVE-2022-31615
Control: tag -4 + wontfix
Control: reassign -5 src:nvidia-graphics-drivers-tesla-450 450.51.05-1
Control: retitle -5 nvidia-graphics-drivers-tesla-450: CVE-2022-31607, 
CVE-2022-31608, CVE-2022-31615
Control: reassign -6 src:nvidia-graphics-drivers-tesla-460 460.32.03-1
Control: retitle -6 nvidia-graphics-drivers-tesla-460: CVE-2022-31607, 
CVE-2022-31608, CVE-2022-31615
Control: tag -6 + wontfix
Control: close -6 460.106.00-3
Control: reassign -7 src:nvidia-graphics-drivers-tesla-470 470.57.02-1
Control: retitle -7 nvidia-graphics-drivers-tesla-470: CVE-2022-31607, 
CVE-2022-31608, CVE-2022-31615
Control: reassign -8 src:nvidia-graphics-drivers-tesla-510 510.47.03-1
Control: retitle -8 nvidia-graphics-drivers-tesla-510: CVE-2022-31607, 
CVE-2022-31608, CVE-2022-31615
Control: found -1 340.24-1
Control: found -1 343.22-1
Control: found -1 396.18-1
Control: found -1 430.14-1
Control: found -1 455.23.04-1
Control: found -1 465.24.02-1
Control: found -1 495.44-1

https://nvidia.custhelp.com/app/answers/detail/a_id/5383

CVE-2022-31607  NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer (nvidia.ko), where a local user
with basic capabilities can cause improper input validation, which may
lead to denial of service, escalation of privileges, data tampering, and
limited information disclosure.

CVE-2022-31608  NVIDIA GPU Display Driver for Linux contains a
vulnerability in an optional D-Bus configuration file, where a local
user with basic capabilities can impact protected D-Bus endpoints, which
may lead to code execution, denial of service, escalation of privileges,
information disclosure, and data tampering.

CVE-2022-31615  NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer, where a local user with basic
capabilities can cause a null-pointer dereference, which may lead to
denial of service.

Linux Driver Branch             CVE IDs Addressed
R515, R510, R470, R450, R390    CVE-2022-31607, CVE-2022-31608, CVE-2022-31615


Andreas

--- End Message ---

--- Begin Message ---

Source: nvidia-graphics-drivers-tesla-470
Source-Version: 470.141.03-1~deb11u1
Done: Andreas Beckmann <a...@debian.org>

We believe that the bug you reported is fixed in the latest version of
nvidia-graphics-drivers-tesla-470, which is due to be installed in the Debian 
FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1016...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Andreas Beckmann <a...@debian.org> (supplier of updated 
nvidia-graphics-drivers-tesla-470 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Fri, 02 Sep 2022 11:49:52 +0200
Source: nvidia-graphics-drivers-tesla-470
Architecture: source
Version: 470.141.03-1~deb11u1
Distribution: bullseye
Urgency: medium
Maintainer: Debian NVIDIA Maintainers <pkg-nvidia-de...@lists.alioth.debian.org>
Changed-By: Andreas Beckmann <a...@debian.org>
Closes: 1016614 1016620 1016736
Changes:
 nvidia-graphics-drivers-tesla-470 (470.141.03-1~deb11u1) bullseye; 
urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-graphics-drivers-tesla-470 (470.141.03-1) unstable; urgency=medium
 .
   * New upstream Tesla release 470.141.03 (2022-08-02).
     * Fixed CVE-2022-31607, CVE-2022-31608, CVE-2022-31615. (Closes: #1016620)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5383
     - Added support for the following GPU: GeForce RTX 3050 OEM.
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Re-enable autopkgtest on ppc64el, fixed in Linux 5.19.
 .
 nvidia-graphics-drivers (470.141.03-1~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-graphics-drivers (470.141.03-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.141.03 (2022-08-02).
     * Fixed CVE-2022-31607, CVE-2022-31608, CVE-2022-31615. (Closes: #1016614)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5383
     - Added support for the following GPU: GeForce RTX 3050 OEM.
     * Improved compatibility with recent Linux kernels.  (Closes: #1016736)
 .
   [ Andreas Beckmann ]
   * Replace obsolete pci_*() functions with their dma_*() counterparts in
     ppc64el specific code paths to fix kernel module build for ppc64el.
   * Refresh patches.
   * Update nv-readme.ids.
   * More generic handling of architectures with gsp firmware.
   * Drop references to kernel-package and make-kpkg, gone since stretch.
   * Overhaul build-module-packages.sh.
   * Add module-assistant based autopkgtest for the *-source package.
   * Simplify changelog management for the *-source package.
   * Copy the Source stanza from d/control to the module control file.
Checksums-Sha1:
 c8ecefd4a4aae321786c438ab3432d9ce3a43446 8051 
nvidia-graphics-drivers-tesla-470_470.141.03-1~deb11u1.dsc
 c79ac9bcefc816dafde784a7b26b9fee4ebc9505 211036 
nvidia-graphics-drivers-tesla-470_470.141.03-1~deb11u1.debian.tar.xz
 46289e44205c87420eb5018e0e7037bf82b91bc8 8221 
nvidia-graphics-drivers-tesla-470_470.141.03-1~deb11u1_source.buildinfo
Checksums-Sha256:
 85c66c7c4f54f26d841d76a2aa9f1582fdb817d5bb265345baf3aecc0dac3e39 8051 
nvidia-graphics-drivers-tesla-470_470.141.03-1~deb11u1.dsc
 43e49b98124e53180299dc0c266c730fb27bbe0da875d5d81a4bdcb87700dfcc 211036 
nvidia-graphics-drivers-tesla-470_470.141.03-1~deb11u1.debian.tar.xz
 ef01983dc9c58561fa8c24f060eb57a757ee6759f66d3b94decb5efe7613adb2 8221 
nvidia-graphics-drivers-tesla-470_470.141.03-1~deb11u1_source.buildinfo
Files:
 e313d14b6ae5dce25dec39bd7f310560 8051 non-free/libs optional 
nvidia-graphics-drivers-tesla-470_470.141.03-1~deb11u1.dsc
 3190845a716813f2a5c816d2d5d95dcd 211036 non-free/libs optional 
nvidia-graphics-drivers-tesla-470_470.141.03-1~deb11u1.debian.tar.xz
 894540e4bb40a2eeda80386ea9787d4c 8221 non-free/libs optional 
nvidia-graphics-drivers-tesla-470_470.141.03-1~deb11u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJEBAEBCAAuFiEE6/MKMKjZxjvaRMaUX7M/k1np7QgFAmMR0wwQHGFuYmVAZGVi
aWFuLm9yZwAKCRBfsz+TWentCGgQEACrIj73J3MrdGKDzujiviKzg2fopDvUJwJw
8KSiVku0J7tCE8kVwlD5oYq3wA17SIsxM/0UNSRJZxdp4qPH44Gi92Xe1LimMqmG
qnHs0u/P+3qcS49GQGIQggqrhyDwLlBlGcRpdJH8q35pkjstq391srUevF0cg/oQ
dA9BuSBrGD833xnYSR6gOdR60K6T5KioG0x6X9bZAYQ5L5fZhpyU+cwm0uCEgMni
+FRgZ/3UmMzcgYt9QONM2gJ1msSlXFuchkRSer0qY+mf7SYwjRtMT6SwSOzA1j65
rDGEJwHdlyvD/+w371fWGUilS3nNio72311VlBNxpfMOBcUCGhlmKRSowac4O/lk
C/aYCJk2b7ylJWp2YOa5/W8OfSctc8s1FmqDkJumw2WQFbMG7iqSyTyjniqWJQ1O
TcjZt7UXDnIXk0Z7J/oc563HRFn7Wym9pT5NsWN7Ayr3FCMuSVC9nxc+Z8chsoJC
HSsh8PaqCRpV2uty7/dGRoovGm3xfnGwyNElfU62j+9yYUgtxZiftNOOrjAmfInr
K+xjg0oTP3wX0PP8/Kwai8ihwZFrjkVHr2kvh6+IXhQqd+3o4B62rOhtNjmulO8D
VvtfwjBMRyRs8KjEdj1AS/6emlM2k1D1tP66DtHCbF8Mwx7Fu68x07B141elp7mV
+4K0VKj9Kw==
=e5Yb
-----END PGP SIGNATURE-----

--- End Message ---

Bug#1016614: marked as done (nvidia-graphics-drivers: CVE-2022-31607, CVE-2022-31608, CVE-2022-31615)

Reply via email to