Bug#1072792: marked as done (nvidia-graphics-drivers: CVE-2024-0090, CVE-2024-0091, CVE-2024-0092)

Debian Bug Tracking System Thu, 20 Jun 2024 11:34:14 -0700

Your message dated Thu, 20 Jun 2024 18:32:32 +0000
with message-id <e1skmag-00brdm...@fasolo.debian.org>
and subject line Bug#1072792: fixed in nvidia-graphics-drivers-tesla-470 
470.256.02-1~deb12u1
has caused the Debian Bug report #1072792,
regarding nvidia-graphics-drivers: CVE-2024-0090, CVE-2024-0091, CVE-2024-0092
to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1072792: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072792
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Source: nvidia-graphics-drivers
Severity: serious
Tags: security upstream
X-Debbugs-Cc: Debian Security Team <t...@security.debian.org>
Control: clone -1 -2 -3 -4 -5 -6 -7 -8 -9
Control: reassign -2 src:nvidia-graphics-drivers-legacy-340xx 340.76-6
Control: retitle -2 nvidia-graphics-drivers-legacy-340xx: CVE-2024-0090, 
CVE-2024-0092
Control: tag -2 + wontfix
Control: reassign -3 src:nvidia-graphics-drivers-legacy-390xx 390.48-4
Control: retitle -3 nvidia-graphics-drivers-legacy-390xx: CVE-2024-0090, 
CVE-2024-0092
Control: tag -3 + wontfix
Control: reassign -4 src:nvidia-graphics-drivers-tesla-418 418.87.01-1
Control: retitle -4 nvidia-graphics-drivers-tesla-418: CVE-2024-0090, 
CVE-2024-0092
Control: tag -4 + wontfix
Control: reassign -5 src:nvidia-graphics-drivers-tesla-450 450.51.05-1
Control: retitle -5 nvidia-graphics-drivers-tesla-450: CVE-2024-0090, 
CVE-2024-0092
Control: tag -5 + wontfix
Control: close -5 450.248.02-4
Control: reassign -6 src:nvidia-graphics-drivers-tesla-460 460.32.03-1
Control: retitle -6 nvidia-graphics-drivers-tesla-460: CVE-2024-0090, 
CVE-2024-0092
Control: tag -6 + wontfix
Control: close -6 460.106.00-3
Control: reassign -7 src:nvidia-graphics-drivers-tesla-470 470.57.02-1
Control: retitle -7 nvidia-graphics-drivers-tesla-470: CVE-2024-0090, 
CVE-2024-0092
Control: reassign -8 src:nvidia-graphics-drivers-tesla 510.85.02-1
Control: retitle -8 nvidia-graphics-drivers-tesla: CVE-2024-0090, CVE-2024-0092
Control: found -8 515.48.07-1
Control: found -8 525.60.13-1
Control: tag -8 + wontfix
Control: close -8 525.147.05-6
Control: reassign -9 src:nvidia-open-gpu-kernel-modules 515.43.04-1
Control: retitle -9 nvidia-open-gpu-kernel-modules: CVE-2024-0090, 
CVE-2024-0091, CVE-2024-0092
Control: found -9 520.56.06-1
Control: found -9 525.85.12-1
Control: found -9 530.30.02-1
Control: found -9 535.43.02-1
Control: found -9 545.23.06-1
Control: found -9 550.40.07-1
Control: found -9 555.42.02-1
Control: found -1 340.24-1
Control: found -1 343.22-1
Control: found -1 396.18-1
Control: found -1 430.14-1
Control: found -1 455.23.04-1
Control: found -1 465.24.02-1
Control: found -1 495.44-1
Control: found -1 515.48.07-1
Control: found -1 520.56.06-1
Control: found -1 525.53-1
Control: found -1 530.30.02-1
Control: found -1 535.43.02-1
Control: found -1 545.23.06-1
Control: found -1 550.40.07-1
Control: found -1 555.42.02-1

https://nvidia.custhelp.com/app/answers/detail/a_id/5551

CVE-2024-0090   NVIDIA GPU driver for Windows and Linux contains a
vulnerability where a user can cause an out-of-bounds write. A
successful exploit of this vulnerability might lead to code execution,
denial of service, escalation of privileges, information disclosure, and
data tampering.

CVE-2024-0091   NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability where a user can cause an untrusted pointer dereference
by executing a driver API. A successful exploit of this vulnerability
might lead to denial of service, information disclosure, and data
tampering.

CVE-2024-0092   NVIDIA GPU Driver for Windows and Linux contains a
vulnerability where an improper check or improper handling of exception
conditions might lead to denial of service.

Linux Driver Branch     CVE IDs Addressed
R555, R550              CVE-2024-0090, CVE-2024-0091, CVE-2024-0092
R535, R470              CVE-2024-0090, CVE-2024-0092

Driver Branch   Affected Driver Versions                        Updated Driver 
Version
R555            All driver versions prior to 555.52.04          555.52.04
R550            All driver versions prior to 550.90.07          550.90.07
R535            All driver versions prior to 535.183.01         535.183.01
R470            All driver versions prior to 470.256.02         470.256.02


Andreas

--- End Message ---

--- Begin Message ---

Source: nvidia-graphics-drivers-tesla-470
Source-Version: 470.256.02-1~deb12u1
Done: Andreas Beckmann <a...@debian.org>

We believe that the bug you reported is fixed in the latest version of
nvidia-graphics-drivers-tesla-470, which is due to be installed in the Debian 
FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1072...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Andreas Beckmann <a...@debian.org> (supplier of updated 
nvidia-graphics-drivers-tesla-470 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Mon, 17 Jun 2024 23:06:22 +0200
Source: nvidia-graphics-drivers-tesla-470
Architecture: source
Version: 470.256.02-1~deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: Debian NVIDIA Maintainers <pkg-nvidia-de...@lists.alioth.debian.org>
Changed-By: Andreas Beckmann <a...@debian.org>
Closes: 1072792 1072798
Changes:
 nvidia-graphics-drivers-tesla-470 (470.256.02-1~deb12u1) bookworm; 
urgency=medium
 .
   * Rebuild for bookworm.
 .
 nvidia-graphics-drivers-tesla-470 (470.256.02-1) unstable; urgency=medium
 .
   * New upstream LTS and Tesla branch release 470.256.02 (2024-06-04).
     * Fixed CVE-2024-0090, CVE-2024-0092.  (Closes: #1072798)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5551
     - Fixed a bug that could cause the X server to crash when graphics
       applications requested single-buffered drawables while certain
       features (such as Vulkan sharpening) are enabled.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
 .
 nvidia-graphics-drivers (470.256.02-1) bullseye; urgency=medium
 .
   * New upstream LTS and Tesla branch release 470.256.02 (2024-06-04).
     * Fixed CVE-2024-0090, CVE-2024-0092.  (Closes: #1072792)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5551
     - Fixed a bug that could cause the X server to crash when graphics
       applications requested single-buffered drawables while certain
       features (such as Vulkan sharpening) are enabled.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * xserver-xorg-video-nvidia: Recommend nvidia-vulkan-icd.
   * Move the libnvidia-glvkspirv dependency to libnvidia-(e)glcore.
     (Cf. #1064194)
   * Bump Standards-Version to 4.7.0. No changes needed.
   * Upload to bullseye.
 .
 nvidia-graphics-drivers-tesla-470 (470.239.06-1~deb11u1) bullseye; 
urgency=medium
 .
   * Rebuild for bullseye.
Checksums-Sha1:
 17a2064e460232b0608ce7ae60f8357f97b7d60b 8024 
nvidia-graphics-drivers-tesla-470_470.256.02-1~deb12u1.dsc
 af81fb37ee6e908fcd19b106f1698c8905a517ad 214468 
nvidia-graphics-drivers-tesla-470_470.256.02-1~deb12u1.debian.tar.xz
 5741f28beadc0e40c78e49df2cfccf56bbb14858 8052 
nvidia-graphics-drivers-tesla-470_470.256.02-1~deb12u1_source.buildinfo
Checksums-Sha256:
 488ba5d97f21eec8fbff2d31439ba7b06cfafedf7f5d5653418d305a6a6e910c 8024 
nvidia-graphics-drivers-tesla-470_470.256.02-1~deb12u1.dsc
 0e41eb5096b01a3ead48f2f5502b52007b36f9740d70ce6fd8c468eabbca135b 214468 
nvidia-graphics-drivers-tesla-470_470.256.02-1~deb12u1.debian.tar.xz
 25bbe510d2f563c8e970bf203d802fdca502fb4d14e26b9d553836ba29b4264a 8052 
nvidia-graphics-drivers-tesla-470_470.256.02-1~deb12u1_source.buildinfo
Files:
 913d5ef03836329fafdabc5bcdffe3f4 8024 non-free/libs optional 
nvidia-graphics-drivers-tesla-470_470.256.02-1~deb12u1.dsc
 c72a9d2fc1c1e6008160f57630c8d16c 214468 non-free/libs optional 
nvidia-graphics-drivers-tesla-470_470.256.02-1~deb12u1.debian.tar.xz
 af30d404c0af2080de9d4d03e872eb00 8052 non-free/libs optional 
nvidia-graphics-drivers-tesla-470_470.256.02-1~deb12u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJEBAEBCAAuFiEE6/MKMKjZxjvaRMaUX7M/k1np7QgFAmZwpfkQHGFuYmVAZGVi
aWFuLm9yZwAKCRBfsz+TWentCAMrD/9/OFDBM+QENaoBcTKt8KJJ5Pr6fZqAujks
VhMqiW1ruYyf4f9URu8o56MxP4nMToT2enEOVLWciiRjnGz1gy9eYO8syPMOUmCa
H+AVtD7TfaYrf5ioSTS26orNNfd9xrcy02sPGhjg3WMvtvmr6oQdR/FO4kTo4zTN
LevgqVMJ2HW4tkdw5znsqkZvIyGXunRQpxUegU5WsYOzkfjZCAt6TFeiEmS6uh6Q
s82CGVho/s/0xwyB3yxoqaXEuM+GhIDO6oCFzucwUfYAQ6g+R+W8hoaprpULFg48
EbqvCg6NHc32ulqoKe6AONcfPMugRGH4DMVloWA4nAWyTGxj1t4EhrW1NhqXWeR4
qpjkWTclp5GJI0LMekv8oE18GXeGG3BA2qax36RgHdcktiQZ5exPuTYittdeGkOd
11M5nlXI4TsbI03t8YZke+W9/z3wjEdCcRTpbA0VkeJCDrezGMy+4OSTmdIEAaPH
c4ZtXaWvy4mZ8XxE45gPIve/4OKgxTdF2KAPyhKVxCIcQ9ddauJqDalmPJ1olgdX
UdOjidFJyBMkvFKlVc2VE98tWzsGO7K4xULJ3t82iISbmeJjY0K9yqJyX9LYFPdL
Z+JbkmK0mB/OgiXpEcY9uKYRnubZhSNlHL7sf0YpvtJBRpGuUI5CIjqpQMbSGM+1
g3AoBWnULA==
=fHWe
-----END PGP SIGNATURE-----

pgpdlfKlWIDnM.pgp
Description: PGP signature

--- End Message ---

Bug#1072792: marked as done (nvidia-graphics-drivers: CVE-2024-0090, CVE-2024-0091, CVE-2024-0092)

Reply via email to