Bug#1033783: marked as done (nvidia-open-gpu-kernel-modules: CVE-2023-0184, CVE-2023-0189, CVE-2023-0180, CVE-2023-0183, CVE-2023-0185, CVE-2023-0187, CVE-2023-0198, CVE-2023-0199, CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191)

Mon, 17 Apr 2023 09:51:19 -0700 

Your message dated Mon, 17 Apr 2023 16:49:20 +0000
with message-id <e1pos2a-008q5b...@fasolo.debian.org>
and subject line Bug#1033783: fixed in nvidia-open-gpu-kernel-modules 
525.105.17-1
has caused the Debian Bug report #1033783,
regarding nvidia-open-gpu-kernel-modules: CVE-2023-0184, CVE-2023-0189, 
CVE-2023-0180, CVE-2023-0183, CVE-2023-0185, CVE-2023-0187, CVE-2023-0198, 
CVE-2023-0199, CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, 
CVE-2023-0191
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1033783: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033783
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message --- 
Source: nvidia-graphics-drivers
Severity: serious
Tags: security upstream
X-Debbugs-Cc: Debian Security Team <t...@security.debian.org>
Control: clone -1 -2 -3 -4 -5 -6 -7 -8 -9 -10
Control: reassign -2 src:nvidia-graphics-drivers-legacy-340xx 340.76-6
Control: retitle -2 nvidia-graphics-drivers-legacy-340xx: CVE-2023-0184, 
CVE-2023-0189, CVE-2023-0180, CVE-2023-0185, CVE-2023-0198, CVE-2023-0199, 
CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191
Control: tag -2 + wontfix
Control: reassign -3 src:nvidia-graphics-drivers-legacy-390xx 390.48-4
Control: retitle -3 nvidia-graphics-drivers-legacy-390xx: CVE-2023-0184, 
CVE-2023-0189, CVE-2023-0180, CVE-2023-0185, CVE-2023-0198, CVE-2023-0199, 
CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191
Control: tag -3 + wontfix
Control: reassign -4 src:nvidia-graphics-drivers-tesla-418 418.87.01-1
Control: retitle -4 nvidia-graphics-drivers-tesla-418: CVE-2023-0184, 
CVE-2023-0189, CVE-2023-0180, CVE-2023-0185, CVE-2023-0198, CVE-2023-0199, 
CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191
Control: tag -4 + wontfix
Control: reassign -5 src:nvidia-graphics-drivers-tesla-450 450.51.05-1
Control: retitle -5 nvidia-graphics-drivers-tesla-450: CVE-2023-0184, 
CVE-2023-0189, CVE-2023-0180, CVE-2023-0185, CVE-2023-0198, CVE-2023-0199, 
CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191
Control: reassign -6 src:nvidia-graphics-drivers-tesla-460 460.32.03-1
Control: retitle -6 nvidia-graphics-drivers-tesla-460: CVE-2023-0184, 
CVE-2023-0189, CVE-2023-0180, CVE-2023-0185, CVE-2023-0187, CVE-2023-0198, 
CVE-2023-0199, CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, 
CVE-2023-0191
Control: tag -6 + wontfix
Control: close -6 460.106.00-3
Control: reassign -7 src:nvidia-graphics-drivers-tesla-470 470.57.02-1
Control: retitle -7 nvidia-graphics-drivers-tesla-470: CVE-2023-0184, 
CVE-2023-0189, CVE-2023-0180, CVE-2023-0185, CVE-2023-0187, CVE-2023-0198, 
CVE-2023-0199, CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, 
CVE-2023-0191
Control: reassign -8 src:nvidia-graphics-drivers-tesla-510 510.47.03-1
Control: retitle -8 nvidia-graphics-drivers-tesla-510: CVE-2023-0184, 
CVE-2023-0189, CVE-2023-0180, CVE-2023-0183, CVE-2023-0185, CVE-2023-0187, 
CVE-2023-0198, CVE-2023-0199, CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, 
CVE-2023-0195, CVE-2023-0191
Control: tag -8 + wontfix
Control: close -8 510.85.02-2
Control: reassign -9 src:nvidia-graphics-drivers-tesla 510.85.02-1
Control: retitle -9 nvidia-graphics-drivers-tesla: CVE-2023-0184, 
CVE-2023-0189, CVE-2023-0180, CVE-2023-0183, CVE-2023-0185, CVE-2023-0187, 
CVE-2023-0198, CVE-2023-0199, CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, 
CVE-2023-0195, CVE-2023-0191
Control: found -9 515.48.07-1
Control: found -9 525.60.13-1
Control: reassign -10 src:nvidia-open-gpu-kernel-modules 515.43.04-1
Control: retitle -10 nvidia-open-gpu-kernel-modules: CVE-2023-0184, 
CVE-2023-0189, CVE-2023-0180, CVE-2023-0183, CVE-2023-0185, CVE-2023-0187, 
CVE-2023-0198, CVE-2023-0199, CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, 
CVE-2023-0195, CVE-2023-0191
Control: found -10 520.56.06-1
Control: found -10 525.85.12-1
Control: found -10 530.30.02-1
Control: found -1 340.24-1
Control: found -1 343.22-1
Control: found -1 396.18-1
Control: found -1 430.14-1
Control: found -1 455.23.04-1
Control: found -1 465.24.02-1
Control: found -1 495.44-1
Control: found -1 515.48.07-1
Control: found -1 520.56.06-1
Control: found -1 525.53-1
Control: found -1 530.30.02-1
Control: fixed -1 530.41.03-1

https://nvidia.custhelp.com/app/answers/detail/a_id/5452

CVE-2023-0189   NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer handler, which may lead to code
execution, denial of service, escalation of privileges, information
disclosure, and data tampering.

CVE-2023-0184   NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer handler, which may lead to
denial of service, escalation of privileges, information disclosure, and
data tampering.

CVE-2023-0181   NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in a kernel mode layer handler, where memory permissions
are not correctly checked, which may lead to denial of service and data
tampering.

CVE-2023-0191   NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer handler, where an out-of-bounds
access may lead to denial of service or data tampering.

CVE-2023-0183   NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer where an out-of-bounds write can
lead to denial of service and data tampering.

CVE-2023-0180   NVIDIA GPU Display Driver for Linux contains a
vulnerability in a kernel mode layer handler, which may lead to denial
of service or information disclosure.

CVE-2023-0185   NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer, where sign conversion issues may
lead to denial of service or information disclosure.

CVE-2023-0198   NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer, where improper restriction of
operations within the bounds of a memory buffer can lead to denial of
service, information disclosure, and data tampering.

CVE-2023-0187   NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer handler, where an out-of-bounds
read can lead to denial of service.

CVE-2023-0199   NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer handler, where an out-of-bounds
write can lead to denial of service and data tampering.

CVE-2023-0190   NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer, where a NULL pointer dereference
may lead to denial of service.

CVE-2023-0188   NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer handler, where an unprivileged
user can cause an out-of-bounds read, which may lead to denial of
service.

CVE-2023-0194   NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer driver, where an invalid
display configuration may lead to denial of service.

CVE-2023-0195   NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer driver, where an invalid
display configuration may lead to information disclosure.


Linux Driver Branch     CVE IDs Addressed

R530, R525, R515        CVE-2023-0184, CVE-2023-0189, CVE-2023-0180,
                        CVE-2023-0183, CVE-2023-0185, CVE-2023-0187,
                        CVE-2023-0198, CVE-2023-0199, CVE-2023-0188,
                        CVE-2023-0190, CVE-2023-0194, CVE-2023-0195,
                        CVE-2023-0191

R470                    CVE-2023-0184, CVE-2023-0189, CVE-2023-0180,
                        CVE-2023-0185, CVE-2023-0187, CVE-2023-0198,
                        CVE-2023-0199, CVE-2023-0188, CVE-2023-0190,
                        CVE-2023-0194, CVE-2023-0195, CVE-2023-0191

R450                    CVE-2023-0184, CVE-2023-0189, CVE-2023-0180,
                        CVE-2023-0185, CVE-2023-0198, CVE-2023-0199,
                        CVE-2023-0188, CVE-2023-0190, CVE-2023-0194,
                        CVE-2023-0195, CVE-2023-0191


Driver Branch   Affected Driver Versions                        Updated Driver 
Version
R530            All driver versions prior to 530.41.03          530.41.03
R525            All driver versions prior to 525.105.17         525.105.17
R515            All driver versions prior to 515.105.01         515.105.01
R470            All driver versions prior to 470.182.03         470.182.03
R450            All driver versions prior to 450.236.01         450.236.01


Andreas

--- End Message ---
--- Begin Message --- 
Source: nvidia-open-gpu-kernel-modules
Source-Version: 525.105.17-1
Done: Andreas Beckmann <a...@debian.org>

We believe that the bug you reported is fixed in the latest version of
nvidia-open-gpu-kernel-modules, which is due to be installed in the Debian FTP 
archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1033...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Andreas Beckmann <a...@debian.org> (supplier of updated 
nvidia-open-gpu-kernel-modules package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Mon, 17 Apr 2023 18:23:16 +0200
Source: nvidia-open-gpu-kernel-modules
Architecture: source
Version: 525.105.17-1
Distribution: unstable
Urgency: medium
Maintainer: Debian NVIDIA Maintainers <pkg-nvidia-de...@lists.alioth.debian.org>
Changed-By: Andreas Beckmann <a...@debian.org>
Closes: 1033783
Changes:
 nvidia-open-gpu-kernel-modules (525.105.17-1) unstable; urgency=medium
 .
   * New upstream production branch release 525.105.17 (2023-03-30).
     * Fixed CVE-2023-0184, CVE-2023-0189, CVE-2023-0180, CVE-2023-0183,
       CVE-2023-0185, CVE-2023-0187, CVE-2023-0198, CVE-2023-0199,
       CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195,
       CVE-2023-0191.  (Closes: #1033783)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5452
   * Refresh patches.
Checksums-Sha1:
 ad4004d73bd72fe73956db9593167726d4cbc95e 2729 
nvidia-open-gpu-kernel-modules_525.105.17-1.dsc
 0d555978d9696cbafbab7627fa146b79d1566cc3 10120440 
nvidia-open-gpu-kernel-modules_525.105.17.orig.tar.xz
 b1aa3aaf982f506c687e461430566a12800f4578 19388 
nvidia-open-gpu-kernel-modules_525.105.17-1.debian.tar.xz
 8013464ef9e726a61cafa0655444cc069c0031b3 5671 
nvidia-open-gpu-kernel-modules_525.105.17-1_source.buildinfo
Checksums-Sha256:
 7086ee2d52fc20f0374a0ae6659749be2ba60857368f45b3bcea3e61e973eabe 2729 
nvidia-open-gpu-kernel-modules_525.105.17-1.dsc
 639774b02efe872638295402d14fcda91f6e90b71273b04a62caf8733794b14f 10120440 
nvidia-open-gpu-kernel-modules_525.105.17.orig.tar.xz
 a0eac064003de294f6218260009c32d0bcbcd689326aabb149eb4e40877c2148 19388 
nvidia-open-gpu-kernel-modules_525.105.17-1.debian.tar.xz
 9e08585fd6ccf1b89007a8082a343b0b038057f18f124c1a0a123d047e68016b 5671 
nvidia-open-gpu-kernel-modules_525.105.17-1_source.buildinfo
Files:
 ea499415fcbbef4fca83cf12d356eff4 2729 contrib/kernel optional 
nvidia-open-gpu-kernel-modules_525.105.17-1.dsc
 cc21d10239d05326fec4bb31cd647821 10120440 contrib/kernel optional 
nvidia-open-gpu-kernel-modules_525.105.17.orig.tar.xz
 1725413bb3f6398956fed54ef8e67e05 19388 contrib/kernel optional 
nvidia-open-gpu-kernel-modules_525.105.17-1.debian.tar.xz
 e3e6a618cd24e3cd6213da6daa8824f5 5671 contrib/kernel optional 
nvidia-open-gpu-kernel-modules_525.105.17-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJEBAEBCAAuFiEE6/MKMKjZxjvaRMaUX7M/k1np7QgFAmQ9c9YQHGFuYmVAZGVi
aWFuLm9yZwAKCRBfsz+TWentCEfOEACFa0XrV6G2YWO+Iu1QQX3LkMpc7Kpa+v7B
fE61qA/20RUR4hLbHkLU0oc9QzPcE3ZYgEXNDbGaFivzNMaw/TKuCixxOcHyku2O
T0N882NKf7sboY7lXq33BYPrysGctsNiMe21z0T9MMrrraFPqMgxq+c+WkBmIFln
GU3aSVQOYe4PwbmYPX0G1PwqlrROGp6bvIZFH0jLY8BtvJ2ilX6xwaM7yfP+pkYA
GiuP5I9DlTpbiM2J8bikTJrGExGJModqI8dlRwV2k1BlG+v7bjk55uF4Yn97vEut
xrYgDj/ZiKOmRvoVfqjPKU3DK35al3Iu/85/rw0oP+Ej1WE7FerFrqH1ovlhzMN6
rnNMz6eybAPgKg5A35FhYw6qvVdwIQOtNXOUE0M7YuTXsTTDo2O9Kyq87Bs61GSD
yqRzixYLkZPCx1O8W1QgOVpx4hrDGv+zrOcPGHhNZBJpdxvbyghfVcmWOHrbc0Kb
wFdDsxv2M0sZhzx+akK4kEMg/LKu4fXU99Grn0ekuyA8zrQqVA4yg9OcOrTgwnC6
YizkbIrcGrc3E0mtcKQl33t9DNRX2wf2Iz7vy5pQm0O7Tv6xNRRlcJeBxHqV8F20
A9BQlY8lTFg0SFYmpynVzF7BnX3Ofck+2vvvvxwKPXiM0iIeLZfcZxbKta8QZ/sy
ERBPyl+C0A==
=0D+G
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to