Bug#1025283: marked as done (nvidia-graphics-drivers-tesla-450: CVE-2022-34670, CVE-2022-34674, CVE-2022-34675, CVE-2022-34677, CVE-2022-34679, CVE-2022-34680, CVE-2022-34682, CVE-2022-42254, CVE-2022-42256, CVE-2022-42257, CVE-2022-42258, CVE-2022-42259, CVE-2022-42260, CVE-2022-42261, CVE-2022-42262, CVE-2022-42263, CVE-2022-42264)

[Debian Bug Tracking System]

Your message dated Sat, 10 Dec 2022 19:17:12 +0000
with message-id <e1p45lu-004rdn...@fasolo.debian.org>
and subject line Bug#1025283: fixed in nvidia-graphics-drivers-tesla-450 
450.216.04-1~deb11u1
has caused the Debian Bug report #1025283,
regarding nvidia-graphics-drivers-tesla-450: CVE-2022-34670, CVE-2022-34674, 
CVE-2022-34675, CVE-2022-34677, CVE-2022-34679, CVE-2022-34680, CVE-2022-34682, 
CVE-2022-42254, CVE-2022-42256, CVE-2022-42257, CVE-2022-42258, CVE-2022-42259, 
CVE-2022-42260, CVE-2022-42261, CVE-2022-42262, CVE-2022-42263, CVE-2022-42264
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1025283: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1025283
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Source: nvidia-graphics-drivers
Severity: serious
Tags: security upstream
Control: clone -1 -2 -3 -4 -5 -6 -7 -8 -9
Control: reassign -2 src:nvidia-graphics-drivers-legacy-340xx 340.76-6
Control: retitle -2 nvidia-graphics-drivers-legacy-340xx: CVE-2022-34670, 
CVE-2022-34674, CVE-2022-34675, CVE-2022-34677, CVE-2022-34680, CVE-2022-42257, 
CVE-2022-42258, CVE-2022-42259
Control: tag -2 + wontfix
Control: reassign -3 src:nvidia-graphics-drivers-legacy-390xx 390.48-4
Control: retitle -3 nvidia-graphics-drivers-legacy-390xx: CVE-2022-34670, 
CVE-2022-34674, CVE-2022-34675, CVE-2022-34677, CVE-2022-34680, CVE-2022-42257, 
CVE-2022-42258, CVE-2022-42259
Control: reassign -4 src:nvidia-graphics-drivers-tesla-418 418.87.01-1
Control: retitle -4 nvidia-graphics-drivers-tesla-418: CVE-2022-34670, 
CVE-2022-34674, CVE-2022-34675, CVE-2022-34677, CVE-2022-34679, CVE-2022-34680, 
CVE-2022-34682, CVE-2022-42254, CVE-2022-42256, CVE-2022-42257, CVE-2022-42258, 
CVE-2022-42259, CVE-2022-42260, CVE-2022-42261, CVE-2022-42262, CVE-2022-42263, 
CVE-2022-42264
Control: tag -4 + wontfix
Control: reassign -5 src:nvidia-graphics-drivers-tesla-450 450.51.05-1
Control: retitle -5 nvidia-graphics-drivers-tesla-450: CVE-2022-34670, 
CVE-2022-34674, CVE-2022-34675, CVE-2022-34677, CVE-2022-34679, CVE-2022-34680, 
CVE-2022-34682, CVE-2022-42254, CVE-2022-42256, CVE-2022-42257, CVE-2022-42258, 
CVE-2022-42259, CVE-2022-42260, CVE-2022-42261, CVE-2022-42262, CVE-2022-42263, 
CVE-2022-42264
Control: reassign -6 src:nvidia-graphics-drivers-tesla-460 460.32.03-1
Control: retitle -6 nvidia-graphics-drivers-tesla-460: CVE-2022-34670, 
CVE-2022-34674, CVE-2022-34675, CVE-2022-34677, CVE-2022-34679, CVE-2022-34680, 
CVE-2022-34682, CVE-2022-42254, CVE-2022-42255, CVE-2022-42256, CVE-2022-42257, 
CVE-2022-42258, CVE-2022-42259, CVE-2022-42260, CVE-2022-42261, CVE-2022-42262, 
CVE-2022-42263, CVE-2022-42264
Control: tag -6 + wontfix
Control: close -6 460.106.00-3
Control: reassign -7 src:nvidia-graphics-drivers-tesla-470 470.57.02-1
Control: retitle -7 nvidia-graphics-drivers-tesla-470: CVE-2022-34670, 
CVE-2022-34674, CVE-2022-34675, CVE-2022-34677, CVE-2022-34679, CVE-2022-34680, 
CVE-2022-34682, CVE-2022-42254, CVE-2022-42255, CVE-2022-42256, CVE-2022-42257, 
CVE-2022-42258, CVE-2022-42259, CVE-2022-42260, CVE-2022-42261, CVE-2022-42262, 
CVE-2022-42263, CVE-2022-42264
Control: reassign -8 src:nvidia-graphics-drivers-tesla-510 510.47.03-1
Control: retitle -8 nvidia-graphics-drivers-tesla-510: CVE-2022-34670, 
CVE-2022-34674, CVE-2022-34675, CVE-2022-34677, CVE-2022-34679, CVE-2022-34680, 
CVE-2022-34682, CVE-2022-34684, CVE-2022-42254, CVE-2022-42255, CVE-2022-42256, 
CVE-2022-42257, CVE-2022-42258, CVE-2022-42259, CVE-2022-42260, CVE-2022-42261, 
CVE-2022-42262, CVE-2022-42263, CVE-2022-42264
Control: reassign -9 src:nvidia-graphics-drivers-tesla 510.85.02-1
Control: retitle -9 nvidia-graphics-drivers-tesla: CVE-2022-34670, 
CVE-2022-34674, CVE-2022-34675, CVE-2022-34677, CVE-2022-34679, CVE-2022-34680, 
CVE-2022-34682, CVE-2022-34684, CVE-2022-42254, CVE-2022-42255, CVE-2022-42256, 
CVE-2022-42257, CVE-2022-42258, CVE-2022-42259, CVE-2022-42260, CVE-2022-42261, 
CVE-2022-42262, CVE-2022-42263, CVE-2022-42264
Control: found -1 340.24-1
Control: found -1 343.22-1
Control: found -1 396.18-1
Control: found -1 430.14-1
Control: found -1 455.23.04-1
Control: found -1 465.24.02-1
Control: found -1 495.44-1
Control: found -1 515.48.07-1

https://nvidia.custhelp.com/app/answers/detail/a_id/5415

CVE-2022-34670  NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer handler, where an unprivileged
regular user can cause truncation errors when casting a primitive to a
primitive of smaller size causes data to be lost in the conversion,
which may lead to denial of service or information disclosure.

CVE-2022-42263  NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer handler, where an Integer
overflow may lead to denial of service or information disclosure.

CVE-2022-34676  NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer handler, where an out-of-bounds
read may lead to denial of service, information disclosure, or data
tampering.

CVE-2022-42264  NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer, where an unprivileged regular
user can cause the use of an out-of-range pointer offset, which may lead
to data tampering, data loss, information disclosure, or denial of
service.

CVE-2022-34674  NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer handler, where a helper function
maps more physical pages than were requested, which may lead to
undefined behavior or an information leak.

CVE-2022-34678  NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer, where an unprivileged user can
cause a null-pointer dereference, which may lead to denial of service.

CVE-2022-34679  NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer handler, where an unhandled
return value can lead to a null-pointer dereference, which may lead to
denial of service.

CVE-2022-34680  NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer handler, where an integer
truncation can lead to an out-of-bounds read, which may lead to denial
of service.

CVE-2022-34677  NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer handler, where an unprivileged
regular user can cause an integer to be truncated, which may lead to
denial of service or data tampering.

CVE-2022-34682  NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer, where an unprivileged regular
user can cause a null-pointer dereference, which may lead to denial of
service.

CVE-2022-42257  NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer (nvidia.ko), where an integer
overflow may lead to information disclosure, data tampering or denial of
service.

CVE-2022-42265  NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer (nvidia.ko), where an integer
overflow may lead to information disclosure or data tampering.

CVE-2022-34684  NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer (nvidia.ko), where an off-by-one
error may lead to data tampering or information disclosure.

CVE-2022-42254  NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer (nvidia.ko), where an
out-of-bounds array access may lead to denial of service, data
tampering, or information disclosure.

CVE-2022-42258  NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer (nvidia.ko), where an integer
overflow may lead to denial of service, data tampering, or information
disclosure.

CVE-2022-42255  NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer (nvidia.ko), where an
out-of-bounds array access may lead to denial of service, information
disclosure, or data tampering.

CVE-2022-42256  NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer (nvidia.ko), where an integer
overflow in index validation may lead to denial of service, information
disclosure, or data tampering.

CVE-2022-34673  NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer (nvidia.ko), where an
out-of-bounds array access may lead to denial of service, information
disclosure, or data tampering.

CVE-2022-42259  NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer (nvidia.ko), where an integer
overflow may lead to denial of service.


Linux Driver Branch     CVE IDs Addressed
R515    CVE-2022-34670, CVE-2022-34673, CVE-2022-34674, CVE-2022-34675,
        CVE-2022-34677, CVE-2022-34679, CVE-2022-34680, CVE-2022-34682,
        CVE-2022-34684, CVE-2022-42254, CVE-2022-42255, CVE-2022-42256,
        CVE-2022-42257, CVE-2022-42258, CVE-2022-42259, CVE-2022-42263,
        CVE-2022-42264, CVE-2022-42265
R510    CVE-2022-34670, CVE-2022-34674, CVE-2022-34675, CVE-2022-34677,
        CVE-2022-34679, CVE-2022-34680, CVE-2022-34682, CVE-2022-34684,
        CVE-2022-42254, CVE-2022-42255, CVE-2022-42256, CVE-2022-42257,
        CVE-2022-42258, CVE-2022-42259, CVE-2022-42260, CVE-2022-42261,
        CVE-2022-42262, CVE-2022-42263, CVE-2022-42264
R470    CVE-2022-34670, CVE-2022-34674, CVE-2022-34675, CVE-2022-34677,
        CVE-2022-34679, CVE-2022-34680, CVE-2022-34682, CVE-2022-42254,
        CVE-2022-42255, CVE-2022-42256, CVE-2022-42257, CVE-2022-42258,
        CVE-2022-42259, CVE-2022-42260, CVE-2022-42261, CVE-2022-42262,
        CVE-2022-42263, CVE-2022-42264
R450    CVE-2022-34670, CVE-2022-34674, CVE-2022-34675, CVE-2022-34677,
        CVE-2022-34679, CVE-2022-34680, CVE-2022-34682, CVE-2022-42254,
        CVE-2022-42256, CVE-2022-42257, CVE-2022-42258, CVE-2022-42259,
        CVE-2022-42260, CVE-2022-42261, CVE-2022-42262, CVE-2022-42263,
        CVE-2022-42264
R390    CVE-2022-34670, CVE-2022-34674, CVE-2022-34675, CVE-2022-34677,
        CVE-2022-34680, CVE-2022-42257, CVE-2022-42258, CVE-2022-42259


Andreas

--- End Message ---

--- Begin Message ---

Source: nvidia-graphics-drivers-tesla-450
Source-Version: 450.216.04-1~deb11u1
Done: Andreas Beckmann <a...@debian.org>

We believe that the bug you reported is fixed in the latest version of
nvidia-graphics-drivers-tesla-450, which is due to be installed in the Debian 
FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1025...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Andreas Beckmann <a...@debian.org> (supplier of updated 
nvidia-graphics-drivers-tesla-450 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sat, 10 Dec 2022 01:53:07 +0100
Source: nvidia-graphics-drivers-tesla-450
Architecture: source
Version: 450.216.04-1~deb11u1
Distribution: bullseye
Urgency: medium
Maintainer: Debian NVIDIA Maintainers <pkg-nvidia-de...@lists.alioth.debian.org>
Changed-By: Andreas Beckmann <a...@debian.org>
Closes: 1025283
Changes:
 nvidia-graphics-drivers-tesla-450 (450.216.04-1~deb11u1) bullseye; 
urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-graphics-drivers-tesla-450 (450.216.04-1) unstable; urgency=medium
 .
   * New upstream Tesla release 450.203.03 (2022-11-22).
     * Fixed CVE-2022-34670, CVE-2022-34674, CVE-2022-34675, CVE-2022-34677,
       CVE-2022-34679, CVE-2022-34680, CVE-2022-34682, CVE-2022-42254,
       CVE-2022-42256, CVE-2022-42257, CVE-2022-42258, CVE-2022-42259,
       CVE-2022-42260, CVE-2022-42261, CVE-2022-42262, CVE-2022-42263,
       CVE-2022-42264.  (Closes: #1025283)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5415
     - Improved performance on GPUs which are experiencing a high number
       of correctable ECC memory errors.
     * Improved compatibility with recent Linux kernels.
   * New upstream Tesla release (amd64 only) 450.203.08 (2022-10-19).
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * Add missing #includes to fix kernel module build for ppc64el.
   * Rename the internally used ARCH variable which might clash on externally
     set values.
   * Use substitutions for ${nvidia-kernel} and friends (510.108.03-1).
   * Try to compile a kernel module at package build time (510.108.03-1).
 .
 nvidia-graphics-drivers-tesla-450 (450.203.03-2) unstable; urgency=medium
 .
   * Backport acpi changes from 510.85.02 and 515.65.01, drm_frambuffer.h
     changes from 515.76 to fix kernel module build for Linux 6.0.
   * Add support for unversioned Tesla packages (tesla 510.85.02-1).
Checksums-Sha1:
 1db19b193f9135d6caddd308c95d6a46e75217a6 7968 
nvidia-graphics-drivers-tesla-450_450.216.04-1~deb11u1.dsc
 9ba29776e4016ebcc0f093523eeae027c17342c5 201356 
nvidia-graphics-drivers-tesla-450_450.216.04-1~deb11u1.debian.tar.xz
 c9a0e3c5e2814df98e42ccf21e4937d32585811b 8416 
nvidia-graphics-drivers-tesla-450_450.216.04-1~deb11u1_source.buildinfo
Checksums-Sha256:
 97d8cae5c586701da660dedf7d2bc81b77d521e8de36fab5a355dc16a13ebc20 7968 
nvidia-graphics-drivers-tesla-450_450.216.04-1~deb11u1.dsc
 86709c281af212c68b40a91d45e405c31aef12401c450d26e066fe334ed9f2e8 201356 
nvidia-graphics-drivers-tesla-450_450.216.04-1~deb11u1.debian.tar.xz
 28f27995fc1501b9e3da761d2e3ef40dbdfb859772dded35ee2ef1c640958727 8416 
nvidia-graphics-drivers-tesla-450_450.216.04-1~deb11u1_source.buildinfo
Files:
 37a1fdd9049716d2597d3cb24baca087 7968 non-free/libs optional 
nvidia-graphics-drivers-tesla-450_450.216.04-1~deb11u1.dsc
 fc417c7e7f222d1c798e0fdb48a33259 201356 non-free/libs optional 
nvidia-graphics-drivers-tesla-450_450.216.04-1~deb11u1.debian.tar.xz
 7056b69dc8e8ba558e425ec88ab1e101 8416 non-free/libs optional 
nvidia-graphics-drivers-tesla-450_450.216.04-1~deb11u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJEBAEBCAAuFiEE6/MKMKjZxjvaRMaUX7M/k1np7QgFAmOT2TYQHGFuYmVAZGVi
aWFuLm9yZwAKCRBfsz+TWentCAPuD/48CDZmAeL56oNN9b0pp706Bvmkz8JCeym3
vRNq5+9eyZniEXz0bI6dZQDpnOJQOMoLB2hd++LIDauJcVaOkDUvWzyaFfdhJp6g
8mGWebwWuiYbO7s/Mv9uFFIsyigtqWHMcCXk3xeEQ3lRG2ThfY0S7iQGUDOwtCmN
oCYkyi1OWCu9DG/6T/uQP/alNkNTGFIEwQJW7wglcBNK/vAGiJcBev+5cLDYgDQs
r2QztZ/zPmo/eif6jxWkjuhn269RCUM2vJtfUM4/ieQwqrMQrZpx6ZvdIcKmKUkP
BC4AE+vdcBab3dF64ok9yxlG5RVQlRFKivTahoNUTm/5/8aSLyz0kjOOnEI31sdn
MUutn/HYFNJRf2UInUu81vv7ksukvo45lcztpi2x3mouwXxb0rEQ/g/tNmy3b9Qj
jdiZdKEM9fHwp/4rFixRjZG3YH6OvsDBd095WzxyfMfR7e9ZGV8CFQ+ijpz8FUTu
rhf63xWLGzWEtEF774ajPm8OugxugeOdo68PyZYzCLFYvD/9vA4iQPgD+90vKDZI
76K1LbwG+gpNZXRmUvnAc4Ich/egol7jvNDHhMl4ltkI3aE08IZcKj7hU37DF43w
aLEMgogRSb+J08wqyWNstOqVqLJ7GlrD+RT9HJ+kdDMacbeLL5ZH61AKCQW+5600
lTjIrSDo9Q==
=+3h7
-----END PGP SIGNATURE-----

--- End Message ---