Your message dated Fri, 02 May 2025 22:38:31 +0000
with message-id <e1uaz1b-007ozz...@fasolo.debian.org>
and subject line Bug#1093908: fixed in nvidia-graphics-drivers 535.230.02-1
has caused the Debian Bug report #1093908,
regarding nvidia-graphics-drivers: CVE-2024-0150, CVE-2024-0147,
CVE-2024-53869, CVE-2024-0131, CVE-2024-0149
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1093908: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1093908
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: nvidia-graphics-drivers
Severity: serious
Tags: security upstream
X-Debbugs-Cc: Debian Security Team <t...@security.debian.org>
Control: clone -1 -2 -3 -4 -5 -6 -7 -8 -9 -10
Control: reassign -2 src:nvidia-graphics-drivers-legacy-340xx 340.76-6
Control: retitle -2 nvidia-graphics-drivers-legacy-340xx: CVE-2024-0131,
CVE-2024-0147, CVE-2024-0149, CVE-2024-0150
Control: tag -2 + wontfix
Control: reassign -3 src:nvidia-graphics-drivers-legacy-390xx 390.48-4
Control: retitle -3 nvidia-graphics-drivers-legacy-390xx: CVE-2024-0131,
CVE-2024-0147, CVE-2024-0149, CVE-2024-0150
Control: tag -3 + wontfix
Control: reassign -4 src:nvidia-graphics-drivers-tesla-418 418.87.01-1
Control: retitle -4 nvidia-graphics-drivers-tesla-418: CVE-2024-0131,
CVE-2024-0147, CVE-2024-0149, CVE-2024-0150
Control: tag -4 + wontfix
Control: reassign -5 src:nvidia-graphics-drivers-tesla-450 450.51.05-1
Control: retitle -5 nvidia-graphics-drivers-tesla-450: CVE-2024-0131,
CVE-2024-0147, CVE-2024-0149, CVE-2024-0150
Control: tag -5 + wontfix
Control: close -5 450.248.02-4
Control: reassign -6 src:nvidia-graphics-drivers-tesla-460 460.32.03-1
Control: retitle -6 nvidia-graphics-drivers-tesla-460: CVE-2024-0131,
CVE-2024-0147, CVE-2024-0149, CVE-2024-0150
Control: tag -6 + wontfix
Control: close -6 460.106.00-3
Control: reassign -7 src:nvidia-graphics-drivers-tesla-470 470.57.02-1
Control: retitle -7 nvidia-graphics-drivers-tesla-470: CVE-2024-0131,
CVE-2024-0147, CVE-2024-0149, CVE-2024-0150
Control: tag -7 + wontfix
Control: severity -7 important
Control: reassign -8 src:nvidia-graphics-drivers-tesla 510.85.02-1
Control: retitle -8 nvidia-graphics-drivers-tesla: CVE-2024-0131,
CVE-2024-0147, CVE-2024-0149, CVE-2024-0150
Control: found -8 515.48.07-1
Control: found -8 525.60.13-1
Control: tag -8 + wontfix
Control: close -8 525.147.05-6
Control: reassign -9 src:nvidia-open-gpu-kernel-modules 515.43.04-1
Control: retitle -9 nvidia-open-gpu-kernel-modules: CVE-2024-0131,
CVE-2024-0147, CVE-2024-0149, CVE-2024-0150
Control: found -9 520.56.06-1
Control: found -9 525.85.12-1
Control: found -9 530.30.02-1
Control: found -9 535.43.02-1
Control: found -9 545.23.06-1
Control: found -9 550.40.07-1
Control: found -9 555.42.02-1
Control: found -9 560.28.03-1
Control: found -9 565.57.01-1
Control: reassign -10 src:nvidia-graphics-drivers-tesla-535 535.216.01-1
Control: retitle -10 nvidia-graphics-drivers-tesla-535: CVE-2024-0131,
CVE-2024-0147, CVE-2024-0149, CVE-2024-0150
Control: found -1 340.24-1
Control: found -1 343.22-1
Control: found -1 396.18-1
Control: found -1 430.14-1
Control: found -1 455.23.04-1
Control: found -1 465.24.02-1
Control: found -1 495.44-1
Control: found -1 515.48.07-1
Control: found -1 520.56.06-1
Control: found -1 525.53-1
Control: found -1 530.30.02-1
Control: found -1 535.43.02-1
Control: found -1 545.23.06-1
Control: found -1 550.40.07-1
Control: found -1 555.42.02-1
Control: found -1 560.28.03-1
Control: found -1 565.57.01-1
https://nvidia.custhelp.com/app/answers/detail/a_id/5614
CVE-2024-0150 NVIDIA GPU display driver for Windows and Linux contains
a vulnerability where data is written past the end or before the
beginning of a buffer. A successful exploit of this vulnerability might
lead to information disclosure, denial of service, or data tampering.
CVE-2024-0147 NVIDIA GPU display driver for Windows and Linux contains
a vulnerability where referencing memory after it has been freed can
lead to denial of service or data tampering.
CVE-2024-53869 NVIDIA Unified Memory driver for Linux contains a
vulnerability where an attacker could leak uninitialized memory. A
successful exploit of this vulnerability might lead to information
disclosure.
CVE-2024-0131 NVIDIA GPU kernel driver for Windows and Linux contains
a vulnerability where a potential user-mode attacker could read a
buffer with an incorrect length. A successful exploit of this
vulnerability might lead to denial of service.
CVE-2024-0149 NVIDIA GPU Display Driver for Linux contains a
vulnerability which could allow an attacker unauthorized access to
files. A successful exploit of this vulnerability might lead to limited
information disclosure.
Linux Driver Branch CVEs Addressed
R550 CVE-2024-0131, CVE-2024-0147, CVE-2024-0149,
CVE-2024-0150, CVE-2024-53869
R535 CVE-2024-0131, CVE-2024-0147, CVE-2024-0149,
CVE-2024-0150
Driver Branch Affected Driver Versions Updated Driver
Version
R550 All driver versions prior to 550.144.03 550.144.03
R535 All driver versions prior to 535.230.02 535.230.02
Andreas
--- End Message ---
--- Begin Message ---
Source: nvidia-graphics-drivers
Source-Version: 535.230.02-1
Done: Andreas Beckmann <a...@debian.org>
We believe that the bug you reported is fixed in the latest version of
nvidia-graphics-drivers, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 1093...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Andreas Beckmann <a...@debian.org> (supplier of updated nvidia-graphics-drivers
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Fri, 02 May 2025 23:58:29 +0200
Source: nvidia-graphics-drivers
Architecture: source
Version: 535.230.02-1
Distribution: unstable
Urgency: medium
Maintainer: Debian NVIDIA Maintainers <pkg-nvidia-de...@lists.alioth.debian.org>
Changed-By: Andreas Beckmann <a...@debian.org>
Closes: 1093908
Changes:
nvidia-graphics-drivers (535.230.02-1) unstable; urgency=medium
.
* New upstream LTS and Tesla branch release 535.230.02 (2025-01-16).
* Fixed CVE-2024-0150, CVE-2024-0147, CVE-2024-53869, CVE-2024-0131,
CVE-2024-0149. (Closes: #1093908)
https://nvidia.custhelp.com/app/answers/detail/a_id/5614
* Drop ppc64le driver.
* Improved compatibility with recent Linux kernels.
.
[ Andreas Beckmann ]
* Refresh patches.
* Stop building driver packages for ppc64el.
* Stop building nvidia-cuda-mps and nvidia-detect for ppc64el.
Checksums-Sha1:
ae5ef5942a9fc10d8b254c66e802f691c4e31329 7241
nvidia-graphics-drivers_535.230.02-1.dsc
4da6e19b08cfe5181b35890ef33661747e2c8ca0 340475118
nvidia-graphics-drivers_535.230.02.orig-amd64.tar.gz
f4f25c588369ef0dca3c0b71a0114c702efc8e0c 269470028
nvidia-graphics-drivers_535.230.02.orig-arm64.tar.gz
f7d49b83e751053feb076ccc0bd0f813f085d24d 140
nvidia-graphics-drivers_535.230.02.orig.tar.gz
50fd59c780505fffd07918a1c0f3fe647054c3f8 237348
nvidia-graphics-drivers_535.230.02-1.debian.tar.xz
f5f6b355441dcfe92d82ff033c8b2f3a54fcaac0 5443
nvidia-graphics-drivers_535.230.02-1_source.buildinfo
Checksums-Sha256:
1f45fc0d72b85a3d763c29d8009542265cfdf56b257547d917eb6d52c5cebfa4 7241
nvidia-graphics-drivers_535.230.02-1.dsc
1d21aa427ab4fd311007428275bca712bfbd74831f4824db3eda4a624ec1fa73 340475118
nvidia-graphics-drivers_535.230.02.orig-amd64.tar.gz
7c7236345971151d0656042b7e6d4f92d721eb2af2ddebd758a613330304afe3 269470028
nvidia-graphics-drivers_535.230.02.orig-arm64.tar.gz
c66ce98da52cfdb1c86446fdd1821956f4b3c73667117b3b241fff54f6b4d6f7 140
nvidia-graphics-drivers_535.230.02.orig.tar.gz
7a3bc5b29c944f53eb1122b659265ed699dece61ba0b46b58c83e55a3f82320f 237348
nvidia-graphics-drivers_535.230.02-1.debian.tar.xz
6919987f1dd627de4c6f7f829dd056729e9971a35bf224fa851905192d149f09 5443
nvidia-graphics-drivers_535.230.02-1_source.buildinfo
Files:
eb97eb6ace8ee524db7bb130ff6fb6c2 7241 non-free/libs optional
nvidia-graphics-drivers_535.230.02-1.dsc
6cc6498891acd6609cd9f9f870199e67 340475118 non-free/libs optional
nvidia-graphics-drivers_535.230.02.orig-amd64.tar.gz
83c17a463a179c69ec4a6d2d9a2f973e 269470028 non-free/libs optional
nvidia-graphics-drivers_535.230.02.orig-arm64.tar.gz
e5ff1f94c4903bdc5066d030b0dabd79 140 non-free/libs optional
nvidia-graphics-drivers_535.230.02.orig.tar.gz
3cf4515304ddba67d8133c0aa2107016 237348 non-free/libs optional
nvidia-graphics-drivers_535.230.02-1.debian.tar.xz
7d85cab9f6aac303fbb3d55df70e570c 5443 non-free/libs optional
nvidia-graphics-drivers_535.230.02-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJEBAEBCAAuFiEE6/MKMKjZxjvaRMaUX7M/k1np7QgFAmgVQwwQHGFuYmVAZGVi
aWFuLm9yZwAKCRBfsz+TWentCM7pD/9FZzt+A5Fz/ysRf0v7c3aUc3HxyjvQCOJU
BnrY6rb1rPg3Ty2exAL1GtbzGElpa9PVKowz8+9Ek7QNiJlzlB8vG00pzLzxABz+
yF7dx3YsOpvz9c1iEBsqmww/mlui/cZzL3J1R+FfxKtJ01+HfH7A8KAiWndOU8Dw
B1xhrxosj8hxM1brW2iuc9m/9pfl0e0hsKsMDxiYczOHB7vDZTV1hFUBWEf2LzKb
RzTWEgqTYaVXaX3RwMoUjb0MLCpxRoy5nfvO3aDl/ncUv8HHlePlY++Tz0T/OUta
q0L/vY8eRVUY+gkqUngccZdpFoLBiaztNymFA7DbMGSCXVF+bXIm4uggtnq9rlSh
/8GJYiOIt8kDsY0bkwNIwKFJvGY5rj09ud26EymIYRY2hQ+pGHX7vuWN/xetZUsA
irc1QGic4fW86KCeCZSdsFBgHAez2EXYJXpaJcNFB2kepf/lyFfKhoEIsyzAFWHw
TA3QdDdwlOwzYbSqG8nAQj+wSy9c+9+7JSYMRRKv9fOPPWBYyTQF4bRz5mhIgtYC
XKBiG5aUupIg+ve7p3s3PBkxvucitQQqBCIt4o8FgL5mX7D5/0Si6BW2m8wiM/3f
SJTymkH6sSvPIPPkt64NnqwNXGivVclz4Qt1YERccL0pGfASlxs0vwrdWKcaeGt8
idGhpCBVXQ==
=Pe0c
-----END PGP SIGNATURE-----
pgp90lrJuls09.pgp
Description: PGP signature
--- End Message ---
