Source: nvidia-graphics-drivers Severity: serious Tags: security upstream X-Debbugs-Cc: Debian Security Team <t...@security.debian.org> Control: clone -1 -2 -3 -4 -5 -6 -7 -8 -9 -10 Control: reassign -2 src:nvidia-graphics-drivers-legacy-340xx 340.76-6 Control: retitle -2 nvidia-graphics-drivers-legacy-340xx: CVE-2023-0184, CVE-2023-0189, CVE-2023-0180, CVE-2023-0185, CVE-2023-0198, CVE-2023-0199, CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191 Control: tag -2 + wontfix Control: reassign -3 src:nvidia-graphics-drivers-legacy-390xx 390.48-4 Control: retitle -3 nvidia-graphics-drivers-legacy-390xx: CVE-2023-0184, CVE-2023-0189, CVE-2023-0180, CVE-2023-0185, CVE-2023-0198, CVE-2023-0199, CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191 Control: tag -3 + wontfix Control: reassign -4 src:nvidia-graphics-drivers-tesla-418 418.87.01-1 Control: retitle -4 nvidia-graphics-drivers-tesla-418: CVE-2023-0184, CVE-2023-0189, CVE-2023-0180, CVE-2023-0185, CVE-2023-0198, CVE-2023-0199, CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191 Control: tag -4 + wontfix Control: reassign -5 src:nvidia-graphics-drivers-tesla-450 450.51.05-1 Control: retitle -5 nvidia-graphics-drivers-tesla-450: CVE-2023-0184, CVE-2023-0189, CVE-2023-0180, CVE-2023-0185, CVE-2023-0198, CVE-2023-0199, CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191 Control: reassign -6 src:nvidia-graphics-drivers-tesla-460 460.32.03-1 Control: retitle -6 nvidia-graphics-drivers-tesla-460: CVE-2023-0184, CVE-2023-0189, CVE-2023-0180, CVE-2023-0185, CVE-2023-0187, CVE-2023-0198, CVE-2023-0199, CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191 Control: tag -6 + wontfix Control: close -6 460.106.00-3 Control: reassign -7 src:nvidia-graphics-drivers-tesla-470 470.57.02-1 Control: retitle -7 nvidia-graphics-drivers-tesla-470: CVE-2023-0184, CVE-2023-0189, CVE-2023-0180, CVE-2023-0185, CVE-2023-0187, CVE-2023-0198, CVE-2023-0199, CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191 Control: reassign -8 src:nvidia-graphics-drivers-tesla-510 510.47.03-1 Control: retitle -8 nvidia-graphics-drivers-tesla-510: CVE-2023-0184, CVE-2023-0189, CVE-2023-0180, CVE-2023-0183, CVE-2023-0185, CVE-2023-0187, CVE-2023-0198, CVE-2023-0199, CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191 Control: tag -8 + wontfix Control: close -8 510.85.02-2 Control: reassign -9 src:nvidia-graphics-drivers-tesla 510.85.02-1 Control: retitle -9 nvidia-graphics-drivers-tesla: CVE-2023-0184, CVE-2023-0189, CVE-2023-0180, CVE-2023-0183, CVE-2023-0185, CVE-2023-0187, CVE-2023-0198, CVE-2023-0199, CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191 Control: found -9 515.48.07-1 Control: found -9 525.60.13-1 Control: reassign -10 src:nvidia-open-gpu-kernel-modules 515.43.04-1 Control: retitle -10 nvidia-open-gpu-kernel-modules: CVE-2023-0184, CVE-2023-0189, CVE-2023-0180, CVE-2023-0183, CVE-2023-0185, CVE-2023-0187, CVE-2023-0198, CVE-2023-0199, CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191 Control: found -10 520.56.06-1 Control: found -10 525.85.12-1 Control: found -10 530.30.02-1 Control: found -1 340.24-1 Control: found -1 343.22-1 Control: found -1 396.18-1 Control: found -1 430.14-1 Control: found -1 455.23.04-1 Control: found -1 465.24.02-1 Control: found -1 495.44-1 Control: found -1 515.48.07-1 Control: found -1 520.56.06-1 Control: found -1 525.53-1 Control: found -1 530.30.02-1 Control: fixed -1 530.41.03-1
https://nvidia.custhelp.com/app/answers/detail/a_id/5452 CVE-2023-0189 NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. CVE-2023-0184 NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler, which may lead to denial of service, escalation of privileges, information disclosure, and data tampering. CVE-2023-0181 NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in a kernel mode layer handler, where memory permissions are not correctly checked, which may lead to denial of service and data tampering. CVE-2023-0191 NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler, where an out-of-bounds access may lead to denial of service or data tampering. CVE-2023-0183 NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer where an out-of-bounds write can lead to denial of service and data tampering. CVE-2023-0180 NVIDIA GPU Display Driver for Linux contains a vulnerability in a kernel mode layer handler, which may lead to denial of service or information disclosure. CVE-2023-0185 NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where sign conversion issues may lead to denial of service or information disclosure. CVE-2023-0198 NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where improper restriction of operations within the bounds of a memory buffer can lead to denial of service, information disclosure, and data tampering. CVE-2023-0187 NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler, where an out-of-bounds read can lead to denial of service. CVE-2023-0199 NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler, where an out-of-bounds write can lead to denial of service and data tampering. CVE-2023-0190 NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where a NULL pointer dereference may lead to denial of service. CVE-2023-0188 NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged user can cause an out-of-bounds read, which may lead to denial of service. CVE-2023-0194 NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer driver, where an invalid display configuration may lead to denial of service. CVE-2023-0195 NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer driver, where an invalid display configuration may lead to information disclosure. Linux Driver Branch CVE IDs Addressed R530, R525, R515 CVE-2023-0184, CVE-2023-0189, CVE-2023-0180, CVE-2023-0183, CVE-2023-0185, CVE-2023-0187, CVE-2023-0198, CVE-2023-0199, CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191 R470 CVE-2023-0184, CVE-2023-0189, CVE-2023-0180, CVE-2023-0185, CVE-2023-0187, CVE-2023-0198, CVE-2023-0199, CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191 R450 CVE-2023-0184, CVE-2023-0189, CVE-2023-0180, CVE-2023-0185, CVE-2023-0198, CVE-2023-0199, CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191 Driver Branch Affected Driver Versions Updated Driver Version R530 All driver versions prior to 530.41.03 530.41.03 R525 All driver versions prior to 525.105.17 525.105.17 R515 All driver versions prior to 515.105.01 515.105.01 R470 All driver versions prior to 470.182.03 470.182.03 R450 All driver versions prior to 450.236.01 450.236.01 Andreas
