Bug#1025286: marked as done (nvidia-graphics-drivers-tesla-510: CVE-2022-34670, CVE-2022-34674, CVE-2022-34675, CVE-2022-34677, CVE-2022-34679, CVE-2022-34680, CVE-2022-34682, CVE-2022-34684, CVE-2022-42254, CVE-2022-42255, CVE-2022-42256, CVE-2022-42257, CVE-2022-42258, CVE-2022-42259, CVE-2022-42260, CVE-2022-42261, CVE-2022-42262, CVE-2022-42263, CVE-2022-42264)

[Debian Bug Tracking System]

Your message dated Mon, 12 Dec 2022 23:50:46 +0000
with message-id <e1p4szk-00hddh...@fasolo.debian.org>
and subject line Bug#1025286: fixed in nvidia-graphics-drivers-tesla-510 
510.108.03-1
has caused the Debian Bug report #1025286,
regarding nvidia-graphics-drivers-tesla-510: CVE-2022-34670, CVE-2022-34674, 
CVE-2022-34675, CVE-2022-34677, CVE-2022-34679, CVE-2022-34680, CVE-2022-34682, 
CVE-2022-34684, CVE-2022-42254, CVE-2022-42255, CVE-2022-42256, CVE-2022-42257, 
CVE-2022-42258, CVE-2022-42259, CVE-2022-42260, CVE-2022-42261, CVE-2022-42262, 
CVE-2022-42263, CVE-2022-42264
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1025286: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1025286
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Source: nvidia-graphics-drivers
Severity: serious
Tags: security upstream
Control: clone -1 -2 -3 -4 -5 -6 -7 -8 -9
Control: reassign -2 src:nvidia-graphics-drivers-legacy-340xx 340.76-6
Control: retitle -2 nvidia-graphics-drivers-legacy-340xx: CVE-2022-34670, 
CVE-2022-34674, CVE-2022-34675, CVE-2022-34677, CVE-2022-34680, CVE-2022-42257, 
CVE-2022-42258, CVE-2022-42259
Control: tag -2 + wontfix
Control: reassign -3 src:nvidia-graphics-drivers-legacy-390xx 390.48-4
Control: retitle -3 nvidia-graphics-drivers-legacy-390xx: CVE-2022-34670, 
CVE-2022-34674, CVE-2022-34675, CVE-2022-34677, CVE-2022-34680, CVE-2022-42257, 
CVE-2022-42258, CVE-2022-42259
Control: reassign -4 src:nvidia-graphics-drivers-tesla-418 418.87.01-1
Control: retitle -4 nvidia-graphics-drivers-tesla-418: CVE-2022-34670, 
CVE-2022-34674, CVE-2022-34675, CVE-2022-34677, CVE-2022-34679, CVE-2022-34680, 
CVE-2022-34682, CVE-2022-42254, CVE-2022-42256, CVE-2022-42257, CVE-2022-42258, 
CVE-2022-42259, CVE-2022-42260, CVE-2022-42261, CVE-2022-42262, CVE-2022-42263, 
CVE-2022-42264
Control: tag -4 + wontfix
Control: reassign -5 src:nvidia-graphics-drivers-tesla-450 450.51.05-1
Control: retitle -5 nvidia-graphics-drivers-tesla-450: CVE-2022-34670, 
CVE-2022-34674, CVE-2022-34675, CVE-2022-34677, CVE-2022-34679, CVE-2022-34680, 
CVE-2022-34682, CVE-2022-42254, CVE-2022-42256, CVE-2022-42257, CVE-2022-42258, 
CVE-2022-42259, CVE-2022-42260, CVE-2022-42261, CVE-2022-42262, CVE-2022-42263, 
CVE-2022-42264
Control: reassign -6 src:nvidia-graphics-drivers-tesla-460 460.32.03-1
Control: retitle -6 nvidia-graphics-drivers-tesla-460: CVE-2022-34670, 
CVE-2022-34674, CVE-2022-34675, CVE-2022-34677, CVE-2022-34679, CVE-2022-34680, 
CVE-2022-34682, CVE-2022-42254, CVE-2022-42255, CVE-2022-42256, CVE-2022-42257, 
CVE-2022-42258, CVE-2022-42259, CVE-2022-42260, CVE-2022-42261, CVE-2022-42262, 
CVE-2022-42263, CVE-2022-42264
Control: tag -6 + wontfix
Control: close -6 460.106.00-3
Control: reassign -7 src:nvidia-graphics-drivers-tesla-470 470.57.02-1
Control: retitle -7 nvidia-graphics-drivers-tesla-470: CVE-2022-34670, 
CVE-2022-34674, CVE-2022-34675, CVE-2022-34677, CVE-2022-34679, CVE-2022-34680, 
CVE-2022-34682, CVE-2022-42254, CVE-2022-42255, CVE-2022-42256, CVE-2022-42257, 
CVE-2022-42258, CVE-2022-42259, CVE-2022-42260, CVE-2022-42261, CVE-2022-42262, 
CVE-2022-42263, CVE-2022-42264
Control: reassign -8 src:nvidia-graphics-drivers-tesla-510 510.47.03-1
Control: retitle -8 nvidia-graphics-drivers-tesla-510: CVE-2022-34670, 
CVE-2022-34674, CVE-2022-34675, CVE-2022-34677, CVE-2022-34679, CVE-2022-34680, 
CVE-2022-34682, CVE-2022-34684, CVE-2022-42254, CVE-2022-42255, CVE-2022-42256, 
CVE-2022-42257, CVE-2022-42258, CVE-2022-42259, CVE-2022-42260, CVE-2022-42261, 
CVE-2022-42262, CVE-2022-42263, CVE-2022-42264
Control: reassign -9 src:nvidia-graphics-drivers-tesla 510.85.02-1
Control: retitle -9 nvidia-graphics-drivers-tesla: CVE-2022-34670, 
CVE-2022-34674, CVE-2022-34675, CVE-2022-34677, CVE-2022-34679, CVE-2022-34680, 
CVE-2022-34682, CVE-2022-34684, CVE-2022-42254, CVE-2022-42255, CVE-2022-42256, 
CVE-2022-42257, CVE-2022-42258, CVE-2022-42259, CVE-2022-42260, CVE-2022-42261, 
CVE-2022-42262, CVE-2022-42263, CVE-2022-42264
Control: found -1 340.24-1
Control: found -1 343.22-1
Control: found -1 396.18-1
Control: found -1 430.14-1
Control: found -1 455.23.04-1
Control: found -1 465.24.02-1
Control: found -1 495.44-1
Control: found -1 515.48.07-1

https://nvidia.custhelp.com/app/answers/detail/a_id/5415

CVE-2022-34670  NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer handler, where an unprivileged
regular user can cause truncation errors when casting a primitive to a
primitive of smaller size causes data to be lost in the conversion,
which may lead to denial of service or information disclosure.

CVE-2022-42263  NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer handler, where an Integer
overflow may lead to denial of service or information disclosure.

CVE-2022-34676  NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer handler, where an out-of-bounds
read may lead to denial of service, information disclosure, or data
tampering.

CVE-2022-42264  NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer, where an unprivileged regular
user can cause the use of an out-of-range pointer offset, which may lead
to data tampering, data loss, information disclosure, or denial of
service.

CVE-2022-34674  NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer handler, where a helper function
maps more physical pages than were requested, which may lead to
undefined behavior or an information leak.

CVE-2022-34678  NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer, where an unprivileged user can
cause a null-pointer dereference, which may lead to denial of service.

CVE-2022-34679  NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer handler, where an unhandled
return value can lead to a null-pointer dereference, which may lead to
denial of service.

CVE-2022-34680  NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer handler, where an integer
truncation can lead to an out-of-bounds read, which may lead to denial
of service.

CVE-2022-34677  NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer handler, where an unprivileged
regular user can cause an integer to be truncated, which may lead to
denial of service or data tampering.

CVE-2022-34682  NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer, where an unprivileged regular
user can cause a null-pointer dereference, which may lead to denial of
service.

CVE-2022-42257  NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer (nvidia.ko), where an integer
overflow may lead to information disclosure, data tampering or denial of
service.

CVE-2022-42265  NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer (nvidia.ko), where an integer
overflow may lead to information disclosure or data tampering.

CVE-2022-34684  NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer (nvidia.ko), where an off-by-one
error may lead to data tampering or information disclosure.

CVE-2022-42254  NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer (nvidia.ko), where an
out-of-bounds array access may lead to denial of service, data
tampering, or information disclosure.

CVE-2022-42258  NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer (nvidia.ko), where an integer
overflow may lead to denial of service, data tampering, or information
disclosure.

CVE-2022-42255  NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer (nvidia.ko), where an
out-of-bounds array access may lead to denial of service, information
disclosure, or data tampering.

CVE-2022-42256  NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer (nvidia.ko), where an integer
overflow in index validation may lead to denial of service, information
disclosure, or data tampering.

CVE-2022-34673  NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer (nvidia.ko), where an
out-of-bounds array access may lead to denial of service, information
disclosure, or data tampering.

CVE-2022-42259  NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer (nvidia.ko), where an integer
overflow may lead to denial of service.


Linux Driver Branch     CVE IDs Addressed
R515    CVE-2022-34670, CVE-2022-34673, CVE-2022-34674, CVE-2022-34675,
        CVE-2022-34677, CVE-2022-34679, CVE-2022-34680, CVE-2022-34682,
        CVE-2022-34684, CVE-2022-42254, CVE-2022-42255, CVE-2022-42256,
        CVE-2022-42257, CVE-2022-42258, CVE-2022-42259, CVE-2022-42263,
        CVE-2022-42264, CVE-2022-42265
R510    CVE-2022-34670, CVE-2022-34674, CVE-2022-34675, CVE-2022-34677,
        CVE-2022-34679, CVE-2022-34680, CVE-2022-34682, CVE-2022-34684,
        CVE-2022-42254, CVE-2022-42255, CVE-2022-42256, CVE-2022-42257,
        CVE-2022-42258, CVE-2022-42259, CVE-2022-42260, CVE-2022-42261,
        CVE-2022-42262, CVE-2022-42263, CVE-2022-42264
R470    CVE-2022-34670, CVE-2022-34674, CVE-2022-34675, CVE-2022-34677,
        CVE-2022-34679, CVE-2022-34680, CVE-2022-34682, CVE-2022-42254,
        CVE-2022-42255, CVE-2022-42256, CVE-2022-42257, CVE-2022-42258,
        CVE-2022-42259, CVE-2022-42260, CVE-2022-42261, CVE-2022-42262,
        CVE-2022-42263, CVE-2022-42264
R450    CVE-2022-34670, CVE-2022-34674, CVE-2022-34675, CVE-2022-34677,
        CVE-2022-34679, CVE-2022-34680, CVE-2022-34682, CVE-2022-42254,
        CVE-2022-42256, CVE-2022-42257, CVE-2022-42258, CVE-2022-42259,
        CVE-2022-42260, CVE-2022-42261, CVE-2022-42262, CVE-2022-42263,
        CVE-2022-42264
R390    CVE-2022-34670, CVE-2022-34674, CVE-2022-34675, CVE-2022-34677,
        CVE-2022-34680, CVE-2022-42257, CVE-2022-42258, CVE-2022-42259


Andreas

--- End Message ---

--- Begin Message ---

Source: nvidia-graphics-drivers-tesla-510
Source-Version: 510.108.03-1
Done: Andreas Beckmann <a...@debian.org>

We believe that the bug you reported is fixed in the latest version of
nvidia-graphics-drivers-tesla-510, which is due to be installed in the Debian 
FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1025...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Andreas Beckmann <a...@debian.org> (supplier of updated 
nvidia-graphics-drivers-tesla-510 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 13 Dec 2022 00:15:54 +0100
Source: nvidia-graphics-drivers-tesla-510
Architecture: source
Version: 510.108.03-1
Distribution: unstable
Urgency: medium
Maintainer: Debian NVIDIA Maintainers <pkg-nvidia-de...@lists.alioth.debian.org>
Changed-By: Andreas Beckmann <a...@debian.org>
Closes: 1021958 1025279 1025286 1025382
Changes:
 nvidia-graphics-drivers-tesla-510 (510.108.03-1) unstable; urgency=medium
 .
   * Rebuild as Tesla 510 driver.
     (Closes: #1025286, #1025382)
 .
 nvidia-graphics-drivers (510.108.03-1) unstable; urgency=medium
 .
   * New upstream production branch release 510.108.03 (2022-11-22).
     * Fixed CVE-2022-34670, CVE-2022-34674, CVE-2022-34675, CVE-2022-34677,
       CVE-2022-34679, CVE-2022-34680, CVE-2022-34682, CVE-2022-34684,
       CVE-2022-42254, CVE-2022-42255, CVE-2022-42256, CVE-2022-42257,
       CVE-2022-42258, CVE-2022-42259, CVE-2022-42260, CVE-2022-42261,
       CVE-2022-42262, CVE-2022-42263, CVE-2022-42264.  (Closes: #1025279)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5415
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * Update nv-readme.ids.
   * Add missing #includes to fix kernel module build for ppc64el.
   * Rename the internally used ARCH variable which might clash on externally
     set values.
   * Use substitutions for ${nvidia-kernel} and friends.
   * Try to compile a kernel module at package build time.
 .
 nvidia-graphics-drivers (510.85.02-6) unstable; urgency=medium
 .
   * Split firmware-nvidia-gsp from nvidia-kernel-support.
 .
 nvidia-graphics-drivers (510.85.02-5) unstable; urgency=medium
 .
   * Restrict nvidia-legacy-check dependency to driver architectures.
   * Backport nv-acpi.c changes from 515.65.01 and drm_frambuffer.h changes
     from 515.76 to fix kernel module build for Linux 6.0.  (Closes: #1021958)
 .
 nvidia-graphics-drivers (510.85.02-4) unstable; urgency=medium
 .
   * Set BUILD_EXCLUSIVE_CONFIG="!CONFIG_PREEMPT_RT" for
     module-assistant-autopkgtest, too.
Checksums-Sha1:
 32cb130b6224f2cfe1c2f1648f4712d74322a978 7630 
nvidia-graphics-drivers-tesla-510_510.108.03-1.dsc
 eccb76b359e345ca31ad3ac8d45f6c542cb38165 329586519 
nvidia-graphics-drivers-tesla-510_510.108.03.orig-amd64.tar.gz
 d5144bed730975a2f10f85b13b4cd29b4fa07d83 211446103 
nvidia-graphics-drivers-tesla-510_510.108.03.orig-arm64.tar.gz
 ff84a38e81176ed301bad56083f16237c90ab709 72732659 
nvidia-graphics-drivers-tesla-510_510.108.03.orig-ppc64el.tar.gz
 50eb57e8cc8d66bce92783493455aedac0517018 140 
nvidia-graphics-drivers-tesla-510_510.108.03.orig.tar.gz
 3bc2f46daf205fc506596b0aece2596b2a0f5399 212648 
nvidia-graphics-drivers-tesla-510_510.108.03-1.debian.tar.xz
 0dbe35bcde6be3470383c950c7bc645063c43259 5792 
nvidia-graphics-drivers-tesla-510_510.108.03-1_source.buildinfo
Checksums-Sha256:
 b3a5c0d8a04f54031cf9d0033a4e395c622dea84bc8b4e748877a3dd0746a97b 7630 
nvidia-graphics-drivers-tesla-510_510.108.03-1.dsc
 ccd9c04ff14c059c10a802783b3933d439f67ca38f64ff57aab76bfccccde97b 329586519 
nvidia-graphics-drivers-tesla-510_510.108.03.orig-amd64.tar.gz
 a898d383cec2ef2397b9107a9b41b03e304a93c1fe477f6c0373f1852b142e42 211446103 
nvidia-graphics-drivers-tesla-510_510.108.03.orig-arm64.tar.gz
 89ff2bd88597f29ddb374478b2b417b04fcb930b908f2b2e75ba0a27736ffb29 72732659 
nvidia-graphics-drivers-tesla-510_510.108.03.orig-ppc64el.tar.gz
 2ca5c56cb2a2c4002fdd4393293ec82f75f19914af6b84415f3c3331697d0c10 140 
nvidia-graphics-drivers-tesla-510_510.108.03.orig.tar.gz
 3614b214f9ab0e3c9041a8b1d92ce0588793b9470f467b730b09b67a6ca8018d 212648 
nvidia-graphics-drivers-tesla-510_510.108.03-1.debian.tar.xz
 538cc862932b8ca4badf74f00ffe15943f1e2e5f85d430bf2983ad989db3cb24 5792 
nvidia-graphics-drivers-tesla-510_510.108.03-1_source.buildinfo
Files:
 315d32ce16c4c76068b4c1a9eaa798a5 7630 non-free/libs optional 
nvidia-graphics-drivers-tesla-510_510.108.03-1.dsc
 c4b2c19d23899bd5a5ffb166b00382a5 329586519 non-free/libs optional 
nvidia-graphics-drivers-tesla-510_510.108.03.orig-amd64.tar.gz
 eb9c95baefecde57f1398361a63c15b9 211446103 non-free/libs optional 
nvidia-graphics-drivers-tesla-510_510.108.03.orig-arm64.tar.gz
 4908ea343bfea7059baef4c4bd808f62 72732659 non-free/libs optional 
nvidia-graphics-drivers-tesla-510_510.108.03.orig-ppc64el.tar.gz
 082e49a566b88ee5156557b4c0333b41 140 non-free/libs optional 
nvidia-graphics-drivers-tesla-510_510.108.03.orig.tar.gz
 03bf12a8eb03121516a8781ad7c7036f 212648 non-free/libs optional 
nvidia-graphics-drivers-tesla-510_510.108.03-1.debian.tar.xz
 c21d982aa9de9a7e690d5864e3e5093f 5792 non-free/libs optional 
nvidia-graphics-drivers-tesla-510_510.108.03-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJEBAEBCAAuFiEE6/MKMKjZxjvaRMaUX7M/k1np7QgFAmOXuBoQHGFuYmVAZGVi
aWFuLm9yZwAKCRBfsz+TWentCMMXD/47Par8euiTz/Vsm+op0PoF9FER8nxA4b3k
mmSkrTPJhZOFhpaPQ1q2zd48KsQI/0rdWMXfs0/762M58xDM+Pjk8kQvjkTveSIe
oZJCHyqnnEJ2KJVbAK+d6tHIvWIAIBsx3AGgmglXzmU+vC8xsxds+5U8PrBEnnN8
5q66x5otXCD72QK87a4ndP45NTr/TW3lcw9qlVHm7LuzhlDxaA4L1SrUBvMwg7yR
hnHkdqQrSZzSa3usY1G7MIAFDRC5s/W2mX8ZxtWyvQabdAunKdfOPMjT0RnIXLG+
cx2zC2Kix+EzAxCeBB4UPnUIsynWZacXhqo7+1wQMWvoFWZ8mWCuALGCKuoUWNd1
0jAN5MPSizwAilGUOFySqonwxrUbkJVujbx2oRbhC44rIXj32HvP5D1q0RKbJmJw
jeWtx4pZnNIM7Xe56ENlJLcW6oY4S6CxMbji+SzBOQOL9WbGpyYyaH3I/99sFo65
GjhDlQyJm8EcQq7l7rQRMD23EJu8bE8SDs02WoBgQjiSLqOqC2GKBnItVr+J4gV1
d/A3pbHmsYjV5v+IFmg/flfGlj+K5z8AWXjEccbpJ9wHpSk+mYmO1Wznk7w9EiMH
OYA/mldq/iawAUaYjB/+YHneGKGySXAxscBKnnQZhJMevTVCAb98fx7UUvFL5W7/
ysOxA2YRVA==
=st2+
-----END PGP SIGNATURE-----

--- End Message ---