Bug#1033774: marked as done (nvidia-graphics-drivers: CVE-2023-0184, CVE-2023-0189, CVE-2023-0180, CVE-2023-0183, CVE-2023-0185, CVE-2023-0187, CVE-2023-0198, CVE-2023-0199, CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191)

Sat, 15 Apr 2023 02:09:16 -0700 

Your message dated Sat, 15 Apr 2023 09:04:49 +0000
with message-id <e1pnbpx-00f4d4...@fasolo.debian.org>
and subject line Bug#1033774: fixed in nvidia-graphics-drivers 525.105.17-1
has caused the Debian Bug report #1033774,
regarding nvidia-graphics-drivers: CVE-2023-0184, CVE-2023-0189, CVE-2023-0180, 
CVE-2023-0183, CVE-2023-0185, CVE-2023-0187, CVE-2023-0198, CVE-2023-0199, 
CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1033774: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033774
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message --- 
Source: nvidia-graphics-drivers
Severity: serious
Tags: security upstream
X-Debbugs-Cc: Debian Security Team <t...@security.debian.org>
Control: clone -1 -2 -3 -4 -5 -6 -7 -8 -9 -10
Control: reassign -2 src:nvidia-graphics-drivers-legacy-340xx 340.76-6
Control: retitle -2 nvidia-graphics-drivers-legacy-340xx: CVE-2023-0184, 
CVE-2023-0189, CVE-2023-0180, CVE-2023-0185, CVE-2023-0198, CVE-2023-0199, 
CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191
Control: tag -2 + wontfix
Control: reassign -3 src:nvidia-graphics-drivers-legacy-390xx 390.48-4
Control: retitle -3 nvidia-graphics-drivers-legacy-390xx: CVE-2023-0184, 
CVE-2023-0189, CVE-2023-0180, CVE-2023-0185, CVE-2023-0198, CVE-2023-0199, 
CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191
Control: tag -3 + wontfix
Control: reassign -4 src:nvidia-graphics-drivers-tesla-418 418.87.01-1
Control: retitle -4 nvidia-graphics-drivers-tesla-418: CVE-2023-0184, 
CVE-2023-0189, CVE-2023-0180, CVE-2023-0185, CVE-2023-0198, CVE-2023-0199, 
CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191
Control: tag -4 + wontfix
Control: reassign -5 src:nvidia-graphics-drivers-tesla-450 450.51.05-1
Control: retitle -5 nvidia-graphics-drivers-tesla-450: CVE-2023-0184, 
CVE-2023-0189, CVE-2023-0180, CVE-2023-0185, CVE-2023-0198, CVE-2023-0199, 
CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191
Control: reassign -6 src:nvidia-graphics-drivers-tesla-460 460.32.03-1
Control: retitle -6 nvidia-graphics-drivers-tesla-460: CVE-2023-0184, 
CVE-2023-0189, CVE-2023-0180, CVE-2023-0185, CVE-2023-0187, CVE-2023-0198, 
CVE-2023-0199, CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, 
CVE-2023-0191
Control: tag -6 + wontfix
Control: close -6 460.106.00-3
Control: reassign -7 src:nvidia-graphics-drivers-tesla-470 470.57.02-1
Control: retitle -7 nvidia-graphics-drivers-tesla-470: CVE-2023-0184, 
CVE-2023-0189, CVE-2023-0180, CVE-2023-0185, CVE-2023-0187, CVE-2023-0198, 
CVE-2023-0199, CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, 
CVE-2023-0191
Control: reassign -8 src:nvidia-graphics-drivers-tesla-510 510.47.03-1
Control: retitle -8 nvidia-graphics-drivers-tesla-510: CVE-2023-0184, 
CVE-2023-0189, CVE-2023-0180, CVE-2023-0183, CVE-2023-0185, CVE-2023-0187, 
CVE-2023-0198, CVE-2023-0199, CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, 
CVE-2023-0195, CVE-2023-0191
Control: tag -8 + wontfix
Control: close -8 510.85.02-2
Control: reassign -9 src:nvidia-graphics-drivers-tesla 510.85.02-1
Control: retitle -9 nvidia-graphics-drivers-tesla: CVE-2023-0184, 
CVE-2023-0189, CVE-2023-0180, CVE-2023-0183, CVE-2023-0185, CVE-2023-0187, 
CVE-2023-0198, CVE-2023-0199, CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, 
CVE-2023-0195, CVE-2023-0191
Control: found -9 515.48.07-1
Control: found -9 525.60.13-1
Control: reassign -10 src:nvidia-open-gpu-kernel-modules 515.43.04-1
Control: retitle -10 nvidia-open-gpu-kernel-modules: CVE-2023-0184, 
CVE-2023-0189, CVE-2023-0180, CVE-2023-0183, CVE-2023-0185, CVE-2023-0187, 
CVE-2023-0198, CVE-2023-0199, CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, 
CVE-2023-0195, CVE-2023-0191
Control: found -10 520.56.06-1
Control: found -10 525.85.12-1
Control: found -10 530.30.02-1
Control: found -1 340.24-1
Control: found -1 343.22-1
Control: found -1 396.18-1
Control: found -1 430.14-1
Control: found -1 455.23.04-1
Control: found -1 465.24.02-1
Control: found -1 495.44-1
Control: found -1 515.48.07-1
Control: found -1 520.56.06-1
Control: found -1 525.53-1
Control: found -1 530.30.02-1
Control: fixed -1 530.41.03-1

https://nvidia.custhelp.com/app/answers/detail/a_id/5452

CVE-2023-0189   NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer handler, which may lead to code
execution, denial of service, escalation of privileges, information
disclosure, and data tampering.

CVE-2023-0184   NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer handler, which may lead to
denial of service, escalation of privileges, information disclosure, and
data tampering.

CVE-2023-0181   NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in a kernel mode layer handler, where memory permissions
are not correctly checked, which may lead to denial of service and data
tampering.

CVE-2023-0191   NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer handler, where an out-of-bounds
access may lead to denial of service or data tampering.

CVE-2023-0183   NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer where an out-of-bounds write can
lead to denial of service and data tampering.

CVE-2023-0180   NVIDIA GPU Display Driver for Linux contains a
vulnerability in a kernel mode layer handler, which may lead to denial
of service or information disclosure.

CVE-2023-0185   NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer, where sign conversion issues may
lead to denial of service or information disclosure.

CVE-2023-0198   NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer, where improper restriction of
operations within the bounds of a memory buffer can lead to denial of
service, information disclosure, and data tampering.

CVE-2023-0187   NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer handler, where an out-of-bounds
read can lead to denial of service.

CVE-2023-0199   NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer handler, where an out-of-bounds
write can lead to denial of service and data tampering.

CVE-2023-0190   NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer, where a NULL pointer dereference
may lead to denial of service.

CVE-2023-0188   NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer handler, where an unprivileged
user can cause an out-of-bounds read, which may lead to denial of
service.

CVE-2023-0194   NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer driver, where an invalid
display configuration may lead to denial of service.

CVE-2023-0195   NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer driver, where an invalid
display configuration may lead to information disclosure.


Linux Driver Branch     CVE IDs Addressed

R530, R525, R515        CVE-2023-0184, CVE-2023-0189, CVE-2023-0180,
                        CVE-2023-0183, CVE-2023-0185, CVE-2023-0187,
                        CVE-2023-0198, CVE-2023-0199, CVE-2023-0188,
                        CVE-2023-0190, CVE-2023-0194, CVE-2023-0195,
                        CVE-2023-0191

R470                    CVE-2023-0184, CVE-2023-0189, CVE-2023-0180,
                        CVE-2023-0185, CVE-2023-0187, CVE-2023-0198,
                        CVE-2023-0199, CVE-2023-0188, CVE-2023-0190,
                        CVE-2023-0194, CVE-2023-0195, CVE-2023-0191

R450                    CVE-2023-0184, CVE-2023-0189, CVE-2023-0180,
                        CVE-2023-0185, CVE-2023-0198, CVE-2023-0199,
                        CVE-2023-0188, CVE-2023-0190, CVE-2023-0194,
                        CVE-2023-0195, CVE-2023-0191


Driver Branch   Affected Driver Versions                        Updated Driver 
Version
R530            All driver versions prior to 530.41.03          530.41.03
R525            All driver versions prior to 525.105.17         525.105.17
R515            All driver versions prior to 515.105.01         515.105.01
R470            All driver versions prior to 470.182.03         470.182.03
R450            All driver versions prior to 450.236.01         450.236.01


Andreas

--- End Message ---
--- Begin Message --- 
Source: nvidia-graphics-drivers
Source-Version: 525.105.17-1
Done: Andreas Beckmann <a...@debian.org>

We believe that the bug you reported is fixed in the latest version of
nvidia-graphics-drivers, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1033...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Andreas Beckmann <a...@debian.org> (supplier of updated nvidia-graphics-drivers 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sat, 15 Apr 2023 10:33:15 +0200
Source: nvidia-graphics-drivers
Architecture: source
Version: 525.105.17-1
Distribution: unstable
Urgency: medium
Maintainer: Debian NVIDIA Maintainers <pkg-nvidia-de...@lists.alioth.debian.org>
Changed-By: Andreas Beckmann <a...@debian.org>
Closes: 1033774
Changes:
 nvidia-graphics-drivers (525.105.17-1) unstable; urgency=medium
 .
   * New upstream production branch release 525.105.17 (2023-03-30).
     * Fixed CVE-2023-0184, CVE-2023-0189, CVE-2023-0180, CVE-2023-0183,
       CVE-2023-0185, CVE-2023-0187, CVE-2023-0198, CVE-2023-0199,
       CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195,
       CVE-2023-0191.  (Closes: #1033774)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5452
     - Fixed a bug that could cause excessive GPU power consumption at idle
       when driving multiple displays with a high refresh rate.
     - Fixed a bug in nvidia-powerd which could cause excessive CPU usage.
     - Fixed an issue which could cause applications to run at 1 FPS when
       using an NVIDIA PRIME Display Offload sink as the only active display.
     - Added compatibility for Linux kernels with Indirect Branch Tracking
       (IBT).
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * Update nv-readme.ids.
   * Updated Turkish (tr) debconf translations by Atila KOÇ.
Checksums-Sha1:
 686ff99bd46862aa7a5ce5e13554ab6829ab8f51 6948 
nvidia-graphics-drivers_525.105.17-1.dsc
 541acbad87c2416be1d9a6b8830b7e8e328bc989 414584730 
nvidia-graphics-drivers_525.105.17.orig-amd64.tar.gz
 0a5b16360d479598e575d6befd1aa950db4d86e3 263002927 
nvidia-graphics-drivers_525.105.17.orig-arm64.tar.gz
 534a2da00a69cac8aada69b87d48e6bbe2298d62 140 
nvidia-graphics-drivers_525.105.17.orig.tar.gz
 3fa9faae5f160bae6e85ac9075b8b24fc0c2c66b 216616 
nvidia-graphics-drivers_525.105.17-1.debian.tar.xz
 bfa3992b42f6439c6f644dd64ef56a1dda008058 5636 
nvidia-graphics-drivers_525.105.17-1_source.buildinfo
Checksums-Sha256:
 aaf0aef3d8f4291611c7a15a0e0576d64e5a8c76039f64b09333f6e59286fcf2 6948 
nvidia-graphics-drivers_525.105.17-1.dsc
 d67db89191c3650cadde44e6f949b696c4948d4e33c2ac25716935fbb9a24dc4 414584730 
nvidia-graphics-drivers_525.105.17.orig-amd64.tar.gz
 0b9a88a568f7b0a03f0d10bbdd844616a19b225c0b49f203122577039fe4a313 263002927 
nvidia-graphics-drivers_525.105.17.orig-arm64.tar.gz
 502f0ffc54b85beda75ad2b26310715661de0e0826c136c0874c9315b3bae2fc 140 
nvidia-graphics-drivers_525.105.17.orig.tar.gz
 6bc67f9da9c261b4f1e55ca50c97fc2c0252ca4ca7b0e92a639596c1e0a47713 216616 
nvidia-graphics-drivers_525.105.17-1.debian.tar.xz
 96a616220ace8988a80a53344a4c14ab3810146b568e72655bfce37e154cfd40 5636 
nvidia-graphics-drivers_525.105.17-1_source.buildinfo
Files:
 7562c2e7aec6b951ca628f7641f743a4 6948 non-free/libs optional 
nvidia-graphics-drivers_525.105.17-1.dsc
 9ebba7b9d6989f96d6983f3a20908ea4 414584730 non-free/libs optional 
nvidia-graphics-drivers_525.105.17.orig-amd64.tar.gz
 3984936fdc8b02676cf7426b269db3a2 263002927 non-free/libs optional 
nvidia-graphics-drivers_525.105.17.orig-arm64.tar.gz
 4d5d29f2520137824ef368dea2776a9b 140 non-free/libs optional 
nvidia-graphics-drivers_525.105.17.orig.tar.gz
 58741a2eea9f95a4a8a5fc69d58140f0 216616 non-free/libs optional 
nvidia-graphics-drivers_525.105.17-1.debian.tar.xz
 423c80f2973924afcbcdac91fafb83be 5636 non-free/libs optional 
nvidia-graphics-drivers_525.105.17-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJEBAEBCAAuFiEE6/MKMKjZxjvaRMaUX7M/k1np7QgFAmQ6YfgQHGFuYmVAZGVi
aWFuLm9yZwAKCRBfsz+TWentCO/KD/4zFmvcLClLovQS0AjM+G/N9n0b44cWoVkU
rxZNSMITnPudabENEhnJsN/vLV2KRiiK6TiBa3AVIFEH3PdDHNIUctDMnilRnvln
qmUJjx80qHIB0dR9jm4I+GG/GockQtcZ5cWFGNlRV2/dXL6fg7cPoJNq01jwAEa9
j+xv/gwuHMiu/NgsR/YHUPs9pICVBPZY5VJG0tISlec0NGsEmzZDDrH+tMFu5tmy
iKk/nBucUB9AXohXvo7Oy4+R22QF2TfZGqDZOjKDZTTVUWvYnkbPk+Zp0rBT2/Xi
vXymnkt9KlBCED9KMphtuyZNt6iSImJv0TNlB9HItWlHV1eVkbii3EFTK534d9Ec
YjfKkZ6tKWDC2rBgpA/CZVJdllyb9dJeW7gshHMbYONE++O9monsOXDKksU0n4vl
cNcKSLUxtSpigWpTUaMF3v4VUEpWMKoXEzV5DRBSwsy+2vEpDfUG1p9qWM3D1nvx
6+yavS08zTKHHgbz8WulzkNiX3MXEivFUxjzEga/x15ZtapF89IcBfClyzS0KuwU
odzV2DeM0OxF0EhVJpCgpbEvOWZxGvqHi4qG+mjG8sdETWS3yjNht8CAAOxz1trS
zJ9rS8BuPNA+lkv5AEFT0YdZ3um3Cj7GCArIZkLdYUB+HnL8gc5ADqM+H5w6wCR8
1t930w4GmA==
=7xQg
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to