Bug#1064989: marked as done (nvidia-graphics-drivers-tesla-470: CVE-2024-0074, CVE-2022-42265, CVE-2024-0078)

Mon, 25 Mar 2024 12:21:16 -0700 

Your message dated Mon, 25 Mar 2024 19:18:16 +0000
with message-id <e1roppo-00eipg...@fasolo.debian.org>
and subject line Bug#1064989: fixed in nvidia-graphics-drivers-tesla-470 
470.239.06-1~deb12u1
has caused the Debian Bug report #1064989,
regarding nvidia-graphics-drivers-tesla-470: CVE-2024-0074, CVE-2022-42265, 
CVE-2024-0078
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1064989: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064989
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message --- 
Source: nvidia-graphics-drivers
Severity: serious
Tags: security upstream
X-Debbugs-Cc: Debian Security Team <t...@security.debian.org>
Control: clone -1 -2 -3 -4 -5 -6 -7 -8 -9
Control: reassign -2 src:nvidia-graphics-drivers-legacy-340xx 340.76-6
Control: retitle -2 nvidia-graphics-drivers-legacy-340xx: CVE-2024-0074, 
CVE-2022-42265, CVE-2024-0078
Control: tag -2 + wontfix
Control: reassign -3 src:nvidia-graphics-drivers-legacy-390xx 390.48-4
Control: retitle -3 nvidia-graphics-drivers-legacy-390xx: CVE-2024-0074, 
CVE-2022-42265, CVE-2024-0078
Control: tag -3 + wontfix
Control: reassign -4 src:nvidia-graphics-drivers-tesla-418 418.87.01-1
Control: retitle -4 nvidia-graphics-drivers-tesla-418: CVE-2024-0074, 
CVE-2022-42265, CVE-2024-0078
Control: tag -4 + wontfix
Control: reassign -5 src:nvidia-graphics-drivers-tesla-450 450.51.05-1
Control: retitle -5 nvidia-graphics-drivers-tesla-450: CVE-2024-0074, 
CVE-2022-42265, CVE-2024-0078
Control: tag -5 + wontfix
Control: close -5 450.248.02-4
Control: reassign -6 src:nvidia-graphics-drivers-tesla-460 460.32.03-1
Control: retitle -6 nvidia-graphics-drivers-tesla-460: CVE-2024-0074, 
CVE-2022-42265, CVE-2024-0078
Control: tag -6 + wontfix
Control: close -6 460.106.00-3
Control: reassign -7 src:nvidia-graphics-drivers-tesla-470 470.57.02-1
Control: retitle -7 nvidia-graphics-drivers-tesla-470: CVE-2024-0074, 
CVE-2022-42265, CVE-2024-0078
Control: reassign -8 src:nvidia-graphics-drivers-tesla 510.85.02-1
Control: retitle -8 nvidia-graphics-drivers-tesla: CVE-2024-0074, 
CVE-2024-0075, CVE-2024-0078
Control: found -8 515.48.07-1
Control: found -8 525.60.13-1
Control: tag -8 + wontfix
Control: close -8 525.147.05-6
Control: reassign -9 src:nvidia-open-gpu-kernel-modules 515.43.04-1
Control: retitle -9 nvidia-open-gpu-kernel-modules: CVE-2024-0074, 
CVE-2024-0075, CVE-2024-0078
Control: found -9 520.56.06-1
Control: found -9 525.85.12-1
Control: found -9 530.30.02-1
Control: found -9 535.43.02-1
Control: found -9 545.23.06-1
Control: found -9 550.40.07-1
Control: found -1 340.24-1
Control: found -1 343.22-1
Control: found -1 396.18-1
Control: found -1 430.14-1
Control: found -1 455.23.04-1
Control: found -1 465.24.02-1
Control: found -1 495.44-1
Control: found -1 515.48.07-1
Control: found -1 520.56.06-1
Control: found -1 525.53-1
Control: found -1 530.30.02-1
Control: found -1 535.43.02-1
Control: found -1 545.23.06-1
Control: found -1 550.40.07-1
Control: fixed -7 470.239.06-1

https://nvidia.custhelp.com/app/answers/detail/a_id/5520

CVE-2024-0074   NVIDIA GPU Display Driver for Linux contains a
vulnerability where an attacker may access a memory location after the
end of the buffer. A successful exploit of this vulnerability may lead
to denial of service and data tampering.

CVE-2024-0075   NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability where a user may cause a NULL-pointer dereference by
accessing passed parameters the validity of which has not been checked.
A successful exploit of this vulnerability may lead to denial of service
and limited information disclosure.

CVE-2024-0078   NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer, where a user in a guest can
cause a NULL-pointer dereference in the host, which may lead to denial
of service.

CVE-2022-42265  NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer handler, where an unprivileged
regular user can cause integer overflow, which may lead to denial of
service, information disclosure, and data tampering.

Linux Driver Branch     CVE IDs Addressed
R550, R545, R535        CVE-2024-0074, CVE-2024-0075
R470                    CVE-2024-0074, CVE-2022-42265

Driver Branch   Affected Driver Versions                        Updated Driver 
Version
R550            All driver versions prior to 550.54.14          550.54.14
R535            All driver versions prior to 535.161.07         535.161.07
R470            All driver versions prior to 470.239.06         470.239.06
R470            All driver versions prior to 470.223.02         470.223.02


Security Updates for NVIDIA vGPU Software
Security Updates for NVIDIA Cloud Gaming

Linux Driver Branch     CVE IDs Addressed
R535                    CVE-2024-0074, CVE-2024-0075, CVE-2024-0078
R470                    CVE-2024-0074, CVE-2024-0078, CVE-2022-42265

Andreas

--- End Message ---
--- Begin Message --- 
Source: nvidia-graphics-drivers-tesla-470
Source-Version: 470.239.06-1~deb12u1
Done: Andreas Beckmann <a...@debian.org>

We believe that the bug you reported is fixed in the latest version of
nvidia-graphics-drivers-tesla-470, which is due to be installed in the Debian 
FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1064...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Andreas Beckmann <a...@debian.org> (supplier of updated 
nvidia-graphics-drivers-tesla-470 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sun, 03 Mar 2024 22:10:45 +0100
Source: nvidia-graphics-drivers-tesla-470
Architecture: source
Version: 470.239.06-1~deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: Debian NVIDIA Maintainers <pkg-nvidia-de...@lists.alioth.debian.org>
Changed-By: Andreas Beckmann <a...@debian.org>
Closes: 1064983 1064989
Changes:
 nvidia-graphics-drivers-tesla-470 (470.239.06-1~deb12u1) bookworm; 
urgency=medium
 .
   * Rebuild for bookworm.
 .
 nvidia-graphics-drivers-tesla-470 (470.239.06-1) unstable; urgency=medium
 .
   * New upstream long term support branch release 470.239.06 (2024-02-22).
     * Fixed CVE-2024-0074, CVE-2024-0078, CVE-2022-42265.  (Closes: #1064989)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5520
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
 .
 nvidia-graphics-drivers (470.239.06-1) bullseye; urgency=medium
 .
   * New upstream long term support branch release 470.239.06 (2024-02-22).
     * Fixed CVE-2024-0074, CVE-2024-0078, CVE-2022-42265.  (Closes: #1064983)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5520
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * Upload to bullseye.
Checksums-Sha1:
 f170fc671c769ea26f0f02d3f8cb28a431b5de80 8024 
nvidia-graphics-drivers-tesla-470_470.239.06-1~deb12u1.dsc
 b4e0c31ca6de60b4cfd034b1f93e08e7d467e8ee 214032 
nvidia-graphics-drivers-tesla-470_470.239.06-1~deb12u1.debian.tar.xz
 00bc459e8118ee710859dd88bed132500a260fed 8012 
nvidia-graphics-drivers-tesla-470_470.239.06-1~deb12u1_source.buildinfo
Checksums-Sha256:
 6a6b13544d3b1f4532b26a6891a53e702fa978d3ab8ce50548d59143fbba9421 8024 
nvidia-graphics-drivers-tesla-470_470.239.06-1~deb12u1.dsc
 7d74ff043e5292ab12249120f736060ad212966fcd78623d860f8a5636661a4b 214032 
nvidia-graphics-drivers-tesla-470_470.239.06-1~deb12u1.debian.tar.xz
 e177b1d7eb7d7977ae4ddbe2230bd3f8e6a918cd9121081ab20ee029ac5cea84 8012 
nvidia-graphics-drivers-tesla-470_470.239.06-1~deb12u1_source.buildinfo
Files:
 deb0c9f3d412b360077cfef64956716c 8024 non-free/libs optional 
nvidia-graphics-drivers-tesla-470_470.239.06-1~deb12u1.dsc
 c6bd40a1907dd6a5c748fed67765b889 214032 non-free/libs optional 
nvidia-graphics-drivers-tesla-470_470.239.06-1~deb12u1.debian.tar.xz
 7cec1e1a9f320c8bd9bac319443d23db 8012 non-free/libs optional 
nvidia-graphics-drivers-tesla-470_470.239.06-1~deb12u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJEBAEBCAAuFiEE6/MKMKjZxjvaRMaUX7M/k1np7QgFAmXk6VEQHGFuYmVAZGVi
aWFuLm9yZwAKCRBfsz+TWentCILVD/wKvhHdycUO2wlqi7fHdo2xLZ7EK1K/CXzS
R01X5LPNF/kuHpyBtOnSTEwpbxCR2CnPUFLeAebDBzzKCyQeLo1oKvjuwoOc0rdt
PQBXFF+pnis1409F1/AmRhstaVu+LoV/hdIwuVhg4xAfqcGx8FC55fFCfxzB5QDc
oE3tywdraseQoGjfrq3n89+3lE02G95ebpLGQSaZviYF9A1wdLvLVpAlPlom9EUg
cs8Fe57t6otgRGntPjVk/GUZ1A9EOLb47e5Ww6xrETVCPk8QL9G2wE9d1GiQ7MRI
Q+9koEUoH9T8RMYo3+dIaoHKhXta1tmKiUB7v26Frn7snYQdPEB6nAk1yolNAYv7
WtDDA2whC88r+MMZa6Ct0xlT/qVGeAiOia8OSrnBR/eesyxe1kVQG1c5UPr7i/wV
5nGYe2pLdhfBCAljH1UodyW8cE7wYFw2l86O3oarljth5qCWiEF8PYNBTng9uc2q
zq+J6pXrWF1usKGrTrvIjm6H/i8mBK6Hhxk8Ot7AzomGa0/uevs9S1V4CGZBL0UF
NKgDC7G3+R5QKUtvBaVpGXVYxYb5nuXGZP10aSn4NwuxyrgCNovKlKNH5K6MekbK
V3RKgh1SvD1iSAUu6Nmgzk3ulPVLw/asfmaRM4bkPm91shZn+f0VBAtOAeWnFCwm
Rc1h73OTaQ==
=8/RR
-----END PGP SIGNATURE-----

Attachment: pgpHTWIAF6vqj.pgp
Description: PGP signature


--- End Message ---

Reply via email to