Your message dated Sun, 05 May 2024 19:18:20 +0000
with message-id <[email protected]>
and subject line Bug#1064989: fixed in nvidia-graphics-drivers-tesla-470
470.239.06-1~deb11u1
has caused the Debian Bug report #1064989,
regarding nvidia-graphics-drivers-tesla-470: CVE-2024-0074, CVE-2022-42265,
CVE-2024-0078
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1064989: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064989
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: nvidia-graphics-drivers
Severity: serious
Tags: security upstream
X-Debbugs-Cc: Debian Security Team <[email protected]>
Control: clone -1 -2 -3 -4 -5 -6 -7 -8 -9
Control: reassign -2 src:nvidia-graphics-drivers-legacy-340xx 340.76-6
Control: retitle -2 nvidia-graphics-drivers-legacy-340xx: CVE-2024-0074,
CVE-2022-42265, CVE-2024-0078
Control: tag -2 + wontfix
Control: reassign -3 src:nvidia-graphics-drivers-legacy-390xx 390.48-4
Control: retitle -3 nvidia-graphics-drivers-legacy-390xx: CVE-2024-0074,
CVE-2022-42265, CVE-2024-0078
Control: tag -3 + wontfix
Control: reassign -4 src:nvidia-graphics-drivers-tesla-418 418.87.01-1
Control: retitle -4 nvidia-graphics-drivers-tesla-418: CVE-2024-0074,
CVE-2022-42265, CVE-2024-0078
Control: tag -4 + wontfix
Control: reassign -5 src:nvidia-graphics-drivers-tesla-450 450.51.05-1
Control: retitle -5 nvidia-graphics-drivers-tesla-450: CVE-2024-0074,
CVE-2022-42265, CVE-2024-0078
Control: tag -5 + wontfix
Control: close -5 450.248.02-4
Control: reassign -6 src:nvidia-graphics-drivers-tesla-460 460.32.03-1
Control: retitle -6 nvidia-graphics-drivers-tesla-460: CVE-2024-0074,
CVE-2022-42265, CVE-2024-0078
Control: tag -6 + wontfix
Control: close -6 460.106.00-3
Control: reassign -7 src:nvidia-graphics-drivers-tesla-470 470.57.02-1
Control: retitle -7 nvidia-graphics-drivers-tesla-470: CVE-2024-0074,
CVE-2022-42265, CVE-2024-0078
Control: reassign -8 src:nvidia-graphics-drivers-tesla 510.85.02-1
Control: retitle -8 nvidia-graphics-drivers-tesla: CVE-2024-0074,
CVE-2024-0075, CVE-2024-0078
Control: found -8 515.48.07-1
Control: found -8 525.60.13-1
Control: tag -8 + wontfix
Control: close -8 525.147.05-6
Control: reassign -9 src:nvidia-open-gpu-kernel-modules 515.43.04-1
Control: retitle -9 nvidia-open-gpu-kernel-modules: CVE-2024-0074,
CVE-2024-0075, CVE-2024-0078
Control: found -9 520.56.06-1
Control: found -9 525.85.12-1
Control: found -9 530.30.02-1
Control: found -9 535.43.02-1
Control: found -9 545.23.06-1
Control: found -9 550.40.07-1
Control: found -1 340.24-1
Control: found -1 343.22-1
Control: found -1 396.18-1
Control: found -1 430.14-1
Control: found -1 455.23.04-1
Control: found -1 465.24.02-1
Control: found -1 495.44-1
Control: found -1 515.48.07-1
Control: found -1 520.56.06-1
Control: found -1 525.53-1
Control: found -1 530.30.02-1
Control: found -1 535.43.02-1
Control: found -1 545.23.06-1
Control: found -1 550.40.07-1
Control: fixed -7 470.239.06-1
https://nvidia.custhelp.com/app/answers/detail/a_id/5520
CVE-2024-0074 NVIDIA GPU Display Driver for Linux contains a
vulnerability where an attacker may access a memory location after the
end of the buffer. A successful exploit of this vulnerability may lead
to denial of service and data tampering.
CVE-2024-0075 NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability where a user may cause a NULL-pointer dereference by
accessing passed parameters the validity of which has not been checked.
A successful exploit of this vulnerability may lead to denial of service
and limited information disclosure.
CVE-2024-0078 NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer, where a user in a guest can
cause a NULL-pointer dereference in the host, which may lead to denial
of service.
CVE-2022-42265 NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer handler, where an unprivileged
regular user can cause integer overflow, which may lead to denial of
service, information disclosure, and data tampering.
Linux Driver Branch CVE IDs Addressed
R550, R545, R535 CVE-2024-0074, CVE-2024-0075
R470 CVE-2024-0074, CVE-2022-42265
Driver Branch Affected Driver Versions Updated Driver
Version
R550 All driver versions prior to 550.54.14 550.54.14
R535 All driver versions prior to 535.161.07 535.161.07
R470 All driver versions prior to 470.239.06 470.239.06
R470 All driver versions prior to 470.223.02 470.223.02
Security Updates for NVIDIA vGPU Software
Security Updates for NVIDIA Cloud Gaming
Linux Driver Branch CVE IDs Addressed
R535 CVE-2024-0074, CVE-2024-0075, CVE-2024-0078
R470 CVE-2024-0074, CVE-2024-0078, CVE-2022-42265
Andreas
--- End Message ---
--- Begin Message ---
Source: nvidia-graphics-drivers-tesla-470
Source-Version: 470.239.06-1~deb11u1
Done: Andreas Beckmann <[email protected]>
We believe that the bug you reported is fixed in the latest version of
nvidia-graphics-drivers-tesla-470, which is due to be installed in the Debian
FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Andreas Beckmann <[email protected]> (supplier of updated
nvidia-graphics-drivers-tesla-470 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 24 Apr 2024 05:18:12 +0200
Source: nvidia-graphics-drivers-tesla-470
Architecture: source
Version: 470.239.06-1~deb11u1
Distribution: bullseye
Urgency: medium
Maintainer: Debian NVIDIA Maintainers <[email protected]>
Changed-By: Andreas Beckmann <[email protected]>
Closes: 1063361 1064983 1064989
Changes:
nvidia-graphics-drivers-tesla-470 (470.239.06-1~deb11u1) bullseye;
urgency=medium
.
* Rebuild for bullseye.
.
nvidia-graphics-drivers-tesla-470 (470.239.06-1~deb12u1) bookworm;
urgency=medium
.
* Rebuild for bookworm.
.
nvidia-graphics-drivers-tesla-470 (470.239.06-1) unstable; urgency=medium
.
* New upstream long term support branch release 470.239.06 (2024-02-22).
* Fixed CVE-2024-0074, CVE-2024-0078, CVE-2022-42265. (Closes: #1064989)
https://nvidia.custhelp.com/app/answers/detail/a_id/5520
* Improved compatibility with recent Linux kernels.
.
[ Andreas Beckmann ]
* Refresh patches.
.
nvidia-graphics-drivers (470.239.06-1) bullseye; urgency=medium
.
* New upstream long term support branch release 470.239.06 (2024-02-22).
* Fixed CVE-2024-0074, CVE-2024-0078, CVE-2022-42265. (Closes: #1064983)
https://nvidia.custhelp.com/app/answers/detail/a_id/5520
* Improved compatibility with recent Linux kernels.
.
[ Andreas Beckmann ]
* Refresh patches.
* Upload to bullseye.
.
nvidia-graphics-drivers-tesla-470 (470.223.02-4~deb12u1) bookworm;
urgency=medium
.
* Rebuild for bookworm.
.
nvidia-graphics-drivers-tesla-470 (470.223.02-4) unstable; urgency=medium
.
* Apply pfn_valid patch from gentoo to fix kernel module build for
Linux 6.1.76, 6.6.15, 6.7.3, 6.8. (Closes: #1063361)
* Update lintian overrides.
.
nvidia-graphics-drivers-tesla-470 (470.223.02-3) unstable; urgency=medium
.
* nvidia-cuda-mps is again built from src:nvidia-graphics-drivers.
.
nvidia-graphics-drivers (470.223.02-3) UNRELEASED; urgency=medium
.
* Switch src:nvidia-graphics-drivers to the Tesla 470 driver series.
* Build for ppc64el.
* Build all unversioned packages from src:nvidia-graphics-drivers.
* New Romanian (ro) debconf translations by Remus-Gabriel Chelu.
Checksums-Sha1:
5ff1aae2cbe26c0737c76cf55653a24881852591 8024
nvidia-graphics-drivers-tesla-470_470.239.06-1~deb11u1.dsc
1ddcae04997861617b6186703cece51d02464e28 214044
nvidia-graphics-drivers-tesla-470_470.239.06-1~deb11u1.debian.tar.xz
b1cc961c210f78f88f3c5d8708618c83cae36975 8567
nvidia-graphics-drivers-tesla-470_470.239.06-1~deb11u1_source.buildinfo
Checksums-Sha256:
285d6709e136664fa15636ea1ac22345b1d4e98a94a6e8f2c8cc0c92b02d3474 8024
nvidia-graphics-drivers-tesla-470_470.239.06-1~deb11u1.dsc
b6ce374f033fb4f5c7cccb16ae71404d81344f6a0e444b6e8e93cce35d0709a3 214044
nvidia-graphics-drivers-tesla-470_470.239.06-1~deb11u1.debian.tar.xz
16b4343ddd8d78269c436c6b5d9403af44bec27e22b9a166802d597d22dbc125 8567
nvidia-graphics-drivers-tesla-470_470.239.06-1~deb11u1_source.buildinfo
Files:
dee351461779dfdad91493f36bf62356 8024 non-free/libs optional
nvidia-graphics-drivers-tesla-470_470.239.06-1~deb11u1.dsc
a99ac688f74bbe2b9d9b862cabd39fea 214044 non-free/libs optional
nvidia-graphics-drivers-tesla-470_470.239.06-1~deb11u1.debian.tar.xz
ef063d00cef5e8d2007cab8968021134 8567 non-free/libs optional
nvidia-graphics-drivers-tesla-470_470.239.06-1~deb11u1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJEBAEBCAAuFiEE6/MKMKjZxjvaRMaUX7M/k1np7QgFAmYoe0MQHGFuYmVAZGVi
aWFuLm9yZwAKCRBfsz+TWentCDfOD/9FHJTf47Fw6rji4vXM9zp2h7EAJxClmxEq
zwjI8SSe4iY9TOBd6kdEdog+uAR57Mo4Qlf2U7upwKk34OgcfvLb8kbxFlsitH9c
rUBCOG2OpcOXKjzuiQ5a1h76NlH44NWAOUxOpHbz5wHoWNBwAM1blCwWTGXiByMX
7kVrupl+TyCPnGKoPh/H0JddgBrljD9G8vtq7M2LCMFkIT1dxOk3nnX+Lcnm46uZ
HG8yf8qfc1zBQKWKScxAqb0vcBOWbX2MkurMDRUbIDal3NC9HRzuijOe6dzJ/1yx
80B4B7YXKLMTkHUJUAsV9u2dKHYFhMnoI29N62+LNperOm4CLbQF7nNe7yxl9OYL
77Fcau5wemQKMrU23QZKd810gvaBPJZOQdUkmNvGeMLfUrsWIhumJNQGw1IU57Gr
5lkasdqV8db9a/W48fo511ZxgHtqfp2x4JMa8AkMzqIXSjB5dCxiH259O/MTlK8U
F08yvmIycAxswdqmrgNqojPEDLIQZ7AphbWbKf80A1RcExZ8hGpun0COOJ3C7EiW
mFas2EsWrrDJ+2RoUfQ/Xt4o76SSXnAxcrpocedwqK3fpsBunT5dtQB88/oOVsbk
MJrMUxCuVUD9xykxT2tkkw6KK99LQKNG7fqMw0fuWqxo9OZFKyU+0Et6CwJ3hydO
2QGiYDLHJw==
=X+8N
-----END PGP SIGNATURE-----
pgpM4NibQ4SCr.pgp
Description: PGP signature
--- End Message ---
