Bug#1011144: marked as done (nvidia-graphics-drivers-tesla-450: CVE-2022-28181, CVE-2022-28185, CVE-2022-28192)

Sat, 02 Jul 2022 10:18:59 -0700 

Your message dated Sat, 02 Jul 2022 17:17:10 +0000
with message-id <e1o7gk2-000dad...@fasolo.debian.org>
and subject line Bug#1011144: fixed in nvidia-graphics-drivers-tesla-450 
450.191.01-2~deb11u1
has caused the Debian Bug report #1011144,
regarding nvidia-graphics-drivers-tesla-450: CVE-2022-28181, CVE-2022-28185, 
CVE-2022-28192
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1011144: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1011144
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message --- 
Source: nvidia-graphics-drivers
Severity: serious
Tags: security upstream
Control: clone -1 -2 -3 -4 -5 -6 -7 -8
Control: reassign -2 src:nvidia-graphics-drivers-legacy-340xx 340.76-6
Control: retitle -2 nvidia-graphics-drivers-legacy-340xx: CVE-2022-28181, 
CVE-2022-28185
Control: tag -2 + wontfix
Control: reassign -3 src:nvidia-graphics-drivers-legacy-390xx 390.48-4
Control: retitle -3 nvidia-graphics-drivers-legacy-390xx: CVE-2022-28181, 
CVE-2022-28185
Control: reassign -4 src:nvidia-graphics-drivers-tesla-418 418.87.01-1
Control: retitle -4 nvidia-graphics-drivers-tesla-418: CVE-2022-28181, 
CVE-2022-28185, CVE-2022-28192
Control: tag -4 + wontfix
Control: reassign -5 src:nvidia-graphics-drivers-tesla-450 450.51.05-1
Control: retitle -5 nvidia-graphics-drivers-tesla-450: CVE-2022-28181, 
CVE-2022-28185, CVE-2022-28192
Control: reassign -6 src:nvidia-graphics-drivers-tesla-460 460.32.03-1
Control: retitle -6 nvidia-graphics-drivers-tesla-460: CVE-2022-28181, 
CVE-2022-28183, CVE-2022-28184, CVE-2022-28185, CVE-2022-28191, CVE-2022-28192
Control: tag -6 + wontfix
Control: reassign -7 src:nvidia-graphics-drivers-tesla-470 470.57.02-1
Control: retitle -7 nvidia-graphics-drivers-tesla-470: CVE-2022-28181, 
CVE-2022-28183, CVE-2022-28184, CVE-2022-28185, CVE-2022-28191, CVE-2022-28192
Control: reassign -8 src:nvidia-graphics-drivers-tesla-510 510.47.03-1
Control: retitle -8 nvidia-graphics-drivers-tesla-510: CVE-2022-28181, 
CVE-2022-28183, CVE-2022-28184, CVE-2022-28185, CVE-2022-28191, CVE-2022-28192
Control: found -1 340.24-1
Control: found -1 343.22-1
Control: found -1 396.18-1
Control: found -1 430.14-1
Control: found -1 455.23.04-1
Control: found -1 465.24.02-1
Control: found -1 495.44-1

https://nvidia.custhelp.com/app/answers/detail/a_id/5353

CVE-2022-28181  NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer, where an unprivileged regular
user on the network can cause an out-of-bounds write through a specially
crafted shader, which may lead to code execution, denial of service,
escalation of privileges, information disclosure, and data tampering.
The scope of the impact may extend to other components.

CVE-2022-28183  NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer, where an unprivileged regular
user can cause an out-of-bounds read, which may lead to denial of
service and information disclosure.

CVE-2022-28184  NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for
DxgkDdiEscape, where an unprivileged regular user can access
administrator- privileged registers, which may lead to denial of
service, information disclosure, and data tampering.

CVE-2022-28185 NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the ECC layer, where an unprivileged regular user can
cause an out-of-bounds write, which may lead to denial of service and
data tampering.

CVE-2022-28191  NVIDIA vGPU software contains a vulnerability in the
Virtual GPU Manager (nvidia.ko), where uncontrolled resource consumption
can be triggered by an unprivileged regular user, which may lead to
denial of service.

CVE-2022-28192  NVIDIA vGPU software contains a vulnerability in the
Virtual GPU Manager (nvidia.ko), where it may lead to a use-after-free,
which in turn may cause denial of service. This attack is complex to
carry out because the attacker needs to have control over freeing some
host side resources out of sequence, which requires elevated privileges.

Driver Branch   CVE IDs Addressed
R510 and R470   CVE-2022-28181, CVE-2022-28183, CVE-2022-28184, CVE-2022-28185, 
CVE-2022-28191, CVE-2022-28192
R450            CVE-2022-28181, CVE-2022-28185, CVE-2022-28192
R390            CVE-2022-28181, CVE-2022-28185

Andreas

--- End Message ---
--- Begin Message --- 
Source: nvidia-graphics-drivers-tesla-450
Source-Version: 450.191.01-2~deb11u1
Done: Andreas Beckmann <a...@debian.org>

We believe that the bug you reported is fixed in the latest version of
nvidia-graphics-drivers-tesla-450, which is due to be installed in the Debian 
FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1011...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Andreas Beckmann <a...@debian.org> (supplier of updated 
nvidia-graphics-drivers-tesla-450 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sat, 02 Jul 2022 13:57:27 +0200
Source: nvidia-graphics-drivers-tesla-450
Architecture: source
Version: 450.191.01-2~deb11u1
Distribution: bullseye
Urgency: medium
Maintainer: Debian NVIDIA Maintainers <pkg-nvidia-de...@lists.alioth.debian.org>
Changed-By: Andreas Beckmann <a...@debian.org>
Closes: 976901 1009740 1011144 1013130
Changes:
 nvidia-graphics-drivers-tesla-450 (450.191.01-2~deb11u1) bullseye; 
urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-graphics-drivers-tesla-450 (450.191.01-2) unstable; urgency=medium
 .
   * Backport pci/dma, iosys_map, dma_set_coherent_mask, acpi_bus_get_device
     and cc_mkdec changes from 470.129.06 to fix kernel module build for
     Linux 5.18.  (Closes: #1013130)
   * Minor packaging sync and cleanup (470.129.06-6).
   * Update lintian overrides.
 .
 nvidia-graphics-drivers-tesla-450 (450.191.01-1) unstable; urgency=medium
 .
   * New upstream Tesla release 450.191.01 (2022-05-16).
     * Fixed CVE-2022-28181, CVE-2022-28185, CVE-2022-28192. (Closes: #1011144)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5353
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * Bump Standards-Version to 4.6.1. No changes needed.
 .
 nvidia-graphics-drivers-tesla-450 (450.172.01-3) unstable; urgency=medium
 .
   * Update 0003-fix-conftest-includes.patch to fix kernel module build for
     ppc64el.  (Closes: #976901)
   * Backport mt_device_gre changes from 510.39.01 to fix kernel module build
     for arm64.  (Closes: #1009740)
   * Refresh patches.
Checksums-Sha1:
 4f869151c9dfc2876b80ff6c8b16e365b12ea924 7471 
nvidia-graphics-drivers-tesla-450_450.191.01-2~deb11u1.dsc
 647594d3386bcba6459a426e15b36a840a51961d 204976 
nvidia-graphics-drivers-tesla-450_450.191.01-2~deb11u1.debian.tar.xz
 cfd214f26c6e1124bf718e5d48694fab5ce99f13 8153 
nvidia-graphics-drivers-tesla-450_450.191.01-2~deb11u1_source.buildinfo
Checksums-Sha256:
 ef4dda30700a6af1b24ca17555b9f55aa31bb8b9f08beeb29c9af55765ebeeac 7471 
nvidia-graphics-drivers-tesla-450_450.191.01-2~deb11u1.dsc
 7285c6eafcdeb64c49b2008ea1ae9ae1faaafd99b7f786766a2b2055893f667c 204976 
nvidia-graphics-drivers-tesla-450_450.191.01-2~deb11u1.debian.tar.xz
 2347f40691292fe12aeb760350da6c636b547529619df2dbac019296bb32cec8 8153 
nvidia-graphics-drivers-tesla-450_450.191.01-2~deb11u1_source.buildinfo
Files:
 e9e8e62852d7321c8e02876c4c78b3d3 7471 non-free/libs optional 
nvidia-graphics-drivers-tesla-450_450.191.01-2~deb11u1.dsc
 f0b71351efbbc317ef72da5e54b7a901 204976 non-free/libs optional 
nvidia-graphics-drivers-tesla-450_450.191.01-2~deb11u1.debian.tar.xz
 756a1720a42c45cf831a0ee2b29699bf 8153 non-free/libs optional 
nvidia-graphics-drivers-tesla-450_450.191.01-2~deb11u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJEBAEBCAAuFiEE6/MKMKjZxjvaRMaUX7M/k1np7QgFAmLAM7IQHGFuYmVAZGVi
aWFuLm9yZwAKCRBfsz+TWentCClAD/9Z0kX3+i4e0XVQxGwO+S3qMe3AkSatHexL
3z6AO65aZgybs6AcxkMUmnIYyeBDyc75PSFTw5CfdQNWkhCVmYI5BUbMGhqKcX0K
wYewaZ+gpRr4ic/6y01Ri9RW9w2DkpqE0s9URzMarwcj1vXTT0kr24RTuLrOHnMh
ZMdExmas0Z3RWcfL/mn4MppAdAB8CXbQFAuMUuC0MY26EFxUo96uLhE5wZTve1V8
rEOVxTHv4Z6jJN8E7DJDJnJgAIyb8uhgv7M9P9aGh4v3OVs2V3JCndITmdJ2u1H+
1ESiDJg1n8qpR7Ck/6hJCP5txGm7n5+6dMwM05wJD8FL5c8UGwzaWV0ddRcIGkRY
BYL9fyS9JuqX67HbIGfZjRb42S/RynWcZRP/RFCbjONzYrcUDZHuef4PJl3DV0lb
1aHUo4UQn3RG9w8/uAnyNXDvWjKrWpzoE/HPn37ZlHVPXBIIspdF8zwHj/O9JM1E
GV7ubWJI2p9PA0jiPSlOYL/uqcrtNqm8vTwO4ByixeQMahLLdkUPG6XKIazLz63l
t+TpExMEIpRtAPEchoVLUodBmCAXltJ3UyM+8JjXHU3IIKqeVub89dOIdqqyb8wj
UPtJIZsYqXeA7iiE/h5F+/97gzPXImZBKgJdyVMJPbXes2fq4K0Y/LCgUhlcUvwP
bM2g03TtGA==
=p3TM
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to