Bug#1033782: marked as done (nvidia-graphics-drivers-tesla: CVE-2023-0184, CVE-2023-0189, CVE-2023-0180, CVE-2023-0183, CVE-2023-0185, CVE-2023-0187, CVE-2023-0198, CVE-2023-0199, CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191)

Sat, 15 Apr 2023 14:24:27 -0700 

Your message dated Sat, 15 Apr 2023 21:20:05 +0000
with message-id <e1pnnjv-0001gt...@fasolo.debian.org>
and subject line Bug#1033782: fixed in nvidia-graphics-drivers-tesla 
525.105.17-1
has caused the Debian Bug report #1033782,
regarding nvidia-graphics-drivers-tesla: CVE-2023-0184, CVE-2023-0189, 
CVE-2023-0180, CVE-2023-0183, CVE-2023-0185, CVE-2023-0187, CVE-2023-0198, 
CVE-2023-0199, CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, 
CVE-2023-0191
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1033782: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033782
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message --- 
Source: nvidia-graphics-drivers
Severity: serious
Tags: security upstream
X-Debbugs-Cc: Debian Security Team <t...@security.debian.org>
Control: clone -1 -2 -3 -4 -5 -6 -7 -8 -9 -10
Control: reassign -2 src:nvidia-graphics-drivers-legacy-340xx 340.76-6
Control: retitle -2 nvidia-graphics-drivers-legacy-340xx: CVE-2023-0184, 
CVE-2023-0189, CVE-2023-0180, CVE-2023-0185, CVE-2023-0198, CVE-2023-0199, 
CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191
Control: tag -2 + wontfix
Control: reassign -3 src:nvidia-graphics-drivers-legacy-390xx 390.48-4
Control: retitle -3 nvidia-graphics-drivers-legacy-390xx: CVE-2023-0184, 
CVE-2023-0189, CVE-2023-0180, CVE-2023-0185, CVE-2023-0198, CVE-2023-0199, 
CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191
Control: tag -3 + wontfix
Control: reassign -4 src:nvidia-graphics-drivers-tesla-418 418.87.01-1
Control: retitle -4 nvidia-graphics-drivers-tesla-418: CVE-2023-0184, 
CVE-2023-0189, CVE-2023-0180, CVE-2023-0185, CVE-2023-0198, CVE-2023-0199, 
CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191
Control: tag -4 + wontfix
Control: reassign -5 src:nvidia-graphics-drivers-tesla-450 450.51.05-1
Control: retitle -5 nvidia-graphics-drivers-tesla-450: CVE-2023-0184, 
CVE-2023-0189, CVE-2023-0180, CVE-2023-0185, CVE-2023-0198, CVE-2023-0199, 
CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191
Control: reassign -6 src:nvidia-graphics-drivers-tesla-460 460.32.03-1
Control: retitle -6 nvidia-graphics-drivers-tesla-460: CVE-2023-0184, 
CVE-2023-0189, CVE-2023-0180, CVE-2023-0185, CVE-2023-0187, CVE-2023-0198, 
CVE-2023-0199, CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, 
CVE-2023-0191
Control: tag -6 + wontfix
Control: close -6 460.106.00-3
Control: reassign -7 src:nvidia-graphics-drivers-tesla-470 470.57.02-1
Control: retitle -7 nvidia-graphics-drivers-tesla-470: CVE-2023-0184, 
CVE-2023-0189, CVE-2023-0180, CVE-2023-0185, CVE-2023-0187, CVE-2023-0198, 
CVE-2023-0199, CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, 
CVE-2023-0191
Control: reassign -8 src:nvidia-graphics-drivers-tesla-510 510.47.03-1
Control: retitle -8 nvidia-graphics-drivers-tesla-510: CVE-2023-0184, 
CVE-2023-0189, CVE-2023-0180, CVE-2023-0183, CVE-2023-0185, CVE-2023-0187, 
CVE-2023-0198, CVE-2023-0199, CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, 
CVE-2023-0195, CVE-2023-0191
Control: tag -8 + wontfix
Control: close -8 510.85.02-2
Control: reassign -9 src:nvidia-graphics-drivers-tesla 510.85.02-1
Control: retitle -9 nvidia-graphics-drivers-tesla: CVE-2023-0184, 
CVE-2023-0189, CVE-2023-0180, CVE-2023-0183, CVE-2023-0185, CVE-2023-0187, 
CVE-2023-0198, CVE-2023-0199, CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, 
CVE-2023-0195, CVE-2023-0191
Control: found -9 515.48.07-1
Control: found -9 525.60.13-1
Control: reassign -10 src:nvidia-open-gpu-kernel-modules 515.43.04-1
Control: retitle -10 nvidia-open-gpu-kernel-modules: CVE-2023-0184, 
CVE-2023-0189, CVE-2023-0180, CVE-2023-0183, CVE-2023-0185, CVE-2023-0187, 
CVE-2023-0198, CVE-2023-0199, CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, 
CVE-2023-0195, CVE-2023-0191
Control: found -10 520.56.06-1
Control: found -10 525.85.12-1
Control: found -10 530.30.02-1
Control: found -1 340.24-1
Control: found -1 343.22-1
Control: found -1 396.18-1
Control: found -1 430.14-1
Control: found -1 455.23.04-1
Control: found -1 465.24.02-1
Control: found -1 495.44-1
Control: found -1 515.48.07-1
Control: found -1 520.56.06-1
Control: found -1 525.53-1
Control: found -1 530.30.02-1
Control: fixed -1 530.41.03-1

https://nvidia.custhelp.com/app/answers/detail/a_id/5452

CVE-2023-0189   NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer handler, which may lead to code
execution, denial of service, escalation of privileges, information
disclosure, and data tampering.

CVE-2023-0184   NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer handler, which may lead to
denial of service, escalation of privileges, information disclosure, and
data tampering.

CVE-2023-0181   NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in a kernel mode layer handler, where memory permissions
are not correctly checked, which may lead to denial of service and data
tampering.

CVE-2023-0191   NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer handler, where an out-of-bounds
access may lead to denial of service or data tampering.

CVE-2023-0183   NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer where an out-of-bounds write can
lead to denial of service and data tampering.

CVE-2023-0180   NVIDIA GPU Display Driver for Linux contains a
vulnerability in a kernel mode layer handler, which may lead to denial
of service or information disclosure.

CVE-2023-0185   NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer, where sign conversion issues may
lead to denial of service or information disclosure.

CVE-2023-0198   NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer, where improper restriction of
operations within the bounds of a memory buffer can lead to denial of
service, information disclosure, and data tampering.

CVE-2023-0187   NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer handler, where an out-of-bounds
read can lead to denial of service.

CVE-2023-0199   NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer handler, where an out-of-bounds
write can lead to denial of service and data tampering.

CVE-2023-0190   NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer, where a NULL pointer dereference
may lead to denial of service.

CVE-2023-0188   NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer handler, where an unprivileged
user can cause an out-of-bounds read, which may lead to denial of
service.

CVE-2023-0194   NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer driver, where an invalid
display configuration may lead to denial of service.

CVE-2023-0195   NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer driver, where an invalid
display configuration may lead to information disclosure.


Linux Driver Branch     CVE IDs Addressed

R530, R525, R515        CVE-2023-0184, CVE-2023-0189, CVE-2023-0180,
                        CVE-2023-0183, CVE-2023-0185, CVE-2023-0187,
                        CVE-2023-0198, CVE-2023-0199, CVE-2023-0188,
                        CVE-2023-0190, CVE-2023-0194, CVE-2023-0195,
                        CVE-2023-0191

R470                    CVE-2023-0184, CVE-2023-0189, CVE-2023-0180,
                        CVE-2023-0185, CVE-2023-0187, CVE-2023-0198,
                        CVE-2023-0199, CVE-2023-0188, CVE-2023-0190,
                        CVE-2023-0194, CVE-2023-0195, CVE-2023-0191

R450                    CVE-2023-0184, CVE-2023-0189, CVE-2023-0180,
                        CVE-2023-0185, CVE-2023-0198, CVE-2023-0199,
                        CVE-2023-0188, CVE-2023-0190, CVE-2023-0194,
                        CVE-2023-0195, CVE-2023-0191


Driver Branch   Affected Driver Versions                        Updated Driver 
Version
R530            All driver versions prior to 530.41.03          530.41.03
R525            All driver versions prior to 525.105.17         525.105.17
R515            All driver versions prior to 515.105.01         515.105.01
R470            All driver versions prior to 470.182.03         470.182.03
R450            All driver versions prior to 450.236.01         450.236.01


Andreas

--- End Message ---
--- Begin Message --- 
Source: nvidia-graphics-drivers-tesla
Source-Version: 525.105.17-1
Done: Andreas Beckmann <a...@debian.org>

We believe that the bug you reported is fixed in the latest version of
nvidia-graphics-drivers-tesla, which is due to be installed in the Debian FTP 
archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1033...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Andreas Beckmann <a...@debian.org> (supplier of updated 
nvidia-graphics-drivers-tesla package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sat, 15 Apr 2023 22:33:13 +0200
Source: nvidia-graphics-drivers-tesla
Architecture: source
Version: 525.105.17-1
Distribution: unstable
Urgency: medium
Maintainer: Debian NVIDIA Maintainers <pkg-nvidia-de...@lists.alioth.debian.org>
Changed-By: Andreas Beckmann <a...@debian.org>
Closes: 1033782
Changes:
 nvidia-graphics-drivers-tesla (525.105.17-1) unstable; urgency=medium
 .
   * New upstream production branch release 525.105.17 (2023-03-30).
     * Fixed CVE-2023-0184, CVE-2023-0189, CVE-2023-0180, CVE-2023-0183,
       CVE-2023-0185, CVE-2023-0187, CVE-2023-0198, CVE-2023-0199,
       CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195,
       CVE-2023-0191.  (Closes: #1033782)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5452
     - Fixed a bug that could cause excessive GPU power consumption at idle
       when driving multiple displays with a high refresh rate.
     - Fixed a bug in nvidia-powerd which could cause excessive CPU usage.
     - Fixed an issue which could cause applications to run at 1 FPS when
       using an NVIDIA PRIME Display Offload sink as the only active display.
     - Added compatibility for Linux kernels with Indirect Branch Tracking
       (IBT).
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * Update nv-readme.ids.
Checksums-Sha1:
 9cc99894060392ede0201d91a108836333d9f1c6 7765 
nvidia-graphics-drivers-tesla_525.105.17-1.dsc
 541acbad87c2416be1d9a6b8830b7e8e328bc989 414584730 
nvidia-graphics-drivers-tesla_525.105.17.orig-amd64.tar.gz
 0a5b16360d479598e575d6befd1aa950db4d86e3 263002927 
nvidia-graphics-drivers-tesla_525.105.17.orig-arm64.tar.gz
 75eeb4566c18cdb26cdbbe3b456eb4281464efe8 97420923 
nvidia-graphics-drivers-tesla_525.105.17.orig-ppc64el.tar.gz
 534a2da00a69cac8aada69b87d48e6bbe2298d62 140 
nvidia-graphics-drivers-tesla_525.105.17.orig.tar.gz
 4809ad3dada823ad6a2d642912405962889e8cf7 218860 
nvidia-graphics-drivers-tesla_525.105.17-1.debian.tar.xz
 49dd9a99e12e68b425ead5164d16fedf55dc1285 5666 
nvidia-graphics-drivers-tesla_525.105.17-1_source.buildinfo
Checksums-Sha256:
 20a5c16e44af1427aed5d2d4a3d83606b2c6cc7708d37e374e601aca6608ba5d 7765 
nvidia-graphics-drivers-tesla_525.105.17-1.dsc
 d67db89191c3650cadde44e6f949b696c4948d4e33c2ac25716935fbb9a24dc4 414584730 
nvidia-graphics-drivers-tesla_525.105.17.orig-amd64.tar.gz
 0b9a88a568f7b0a03f0d10bbdd844616a19b225c0b49f203122577039fe4a313 263002927 
nvidia-graphics-drivers-tesla_525.105.17.orig-arm64.tar.gz
 3899c50d5dbfab0a101593ae52f9e3a6eedd31a84866b0115732d7da0929e667 97420923 
nvidia-graphics-drivers-tesla_525.105.17.orig-ppc64el.tar.gz
 502f0ffc54b85beda75ad2b26310715661de0e0826c136c0874c9315b3bae2fc 140 
nvidia-graphics-drivers-tesla_525.105.17.orig.tar.gz
 d2547c8954b4276a42eca90f2ab9885ca9e4d1bf32ad215a94e7e632c464ee9f 218860 
nvidia-graphics-drivers-tesla_525.105.17-1.debian.tar.xz
 007bbef784801dff426d855e23db00654301777ecf52222041f16b4dac170564 5666 
nvidia-graphics-drivers-tesla_525.105.17-1_source.buildinfo
Files:
 27ec14cf5e12f2362f9fafc27e1650b9 7765 non-free/libs optional 
nvidia-graphics-drivers-tesla_525.105.17-1.dsc
 9ebba7b9d6989f96d6983f3a20908ea4 414584730 non-free/libs optional 
nvidia-graphics-drivers-tesla_525.105.17.orig-amd64.tar.gz
 3984936fdc8b02676cf7426b269db3a2 263002927 non-free/libs optional 
nvidia-graphics-drivers-tesla_525.105.17.orig-arm64.tar.gz
 e0ba7cbf1a1a87f2ed00d423e28382f9 97420923 non-free/libs optional 
nvidia-graphics-drivers-tesla_525.105.17.orig-ppc64el.tar.gz
 4d5d29f2520137824ef368dea2776a9b 140 non-free/libs optional 
nvidia-graphics-drivers-tesla_525.105.17.orig.tar.gz
 ec01acbf917a01c7bf327fd7481a4c61 218860 non-free/libs optional 
nvidia-graphics-drivers-tesla_525.105.17-1.debian.tar.xz
 c4ec191763c9aa1d26474654a9d04450 5666 non-free/libs optional 
nvidia-graphics-drivers-tesla_525.105.17-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJEBAEBCAAuFiEE6/MKMKjZxjvaRMaUX7M/k1np7QgFAmQ7EBYQHGFuYmVAZGVi
aWFuLm9yZwAKCRBfsz+TWentCHYqD/9Z+EO1IobroUWmEmu7iKECL7wKhPZ3rSJy
n42m66qb/gt31owUowC00Q9tBjGoJfZMA+XL7C7iPyKGGLGuoYPBrw4YE3MJX2YA
/gJaTkvaAMmgXif6sNjbpv9toZJaYVFFLbY3W3VtvCuzVieh99C5pZXmVPguSXL3
uJ4yaO3p2rM7XgLf7hn0aTdtOSDH4iN83h1kwguh38W7bWUscpbICGmW7GSiLe74
gylvEj0h72o0DFBaOl4mXV2evK5stGxkoUXLG9ylaY1aPmPZMetol6LLR4IYptBq
MwU52vIy0k7yR+fXi8b8fhMW8IBQiaWX0KH9VKc2kZy3yzO2Bmf3qdN0TQ0JY0nb
30BodkOHvmGRLhqMjFACv8pmJF+Y4q6kXLab8WdCL0fKUNkL4PceRcxfEmvhm1eN
t1bo6p5R+woAiKYj8fJMjr6cME3z+a+ctIBsnn1nWI4CHyzJAKkeHTbU7+/S96j8
01ZpwHXI4InhbXR+dMGfH0rkSTSpCa4QufmJu4WbetMff3RJ3BurhWUbGeNi46+C
SigSnX+JRe40CZicd19xaD0fdPOS5lcD/tuNmliyUA6SYxrM7zyiy8/Fc8ShFco3
Jgw8dtJQpSCR51bsd+cGLgHfj7OTIzsSsDES+M7vBobUCQesdR2t9hyrZVeIUY4b
56/MKC6Ckw==
=p2Rm
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to