Bug#1039678: marked as done (nvidia-graphics-drivers: CVE-2023-25515, CVE-2023-25516)

Debian Bug Tracking System Sat, 15 Jul 2023 09:33:44 -0700

Your message dated Sat, 15 Jul 2023 16:32:11 +0000
with message-id <e1qkibn-0053aq...@fasolo.debian.org>
and subject line Bug#1039678: fixed in nvidia-graphics-drivers-tesla 
525.125.06-1~deb12u1
has caused the Debian Bug report #1039678,
regarding nvidia-graphics-drivers: CVE-2023-25515, CVE-2023-25516
to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1039678: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039678
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Source: nvidia-graphics-drivers
Severity: serious
Tags: security upstream
X-Debbugs-Cc: Debian Security Team <t...@security.debian.org>
Control: clone -1 -2 -3 -4 -5 -6 -7 -8 -9
Control: reassign -2 src:nvidia-graphics-drivers-legacy-340xx 340.76-6
Control: retitle -2 nvidia-graphics-drivers-legacy-340xx: CVE-2023-25515, 
CVE-2023-25516
Control: tag -2 + wontfix
Control: reassign -3 src:nvidia-graphics-drivers-legacy-390xx 390.48-4
Control: retitle -3 nvidia-graphics-drivers-legacy-390xx: CVE-2023-25515, 
CVE-2023-25516
Control: tag -3 + wontfix
Control: reassign -4 src:nvidia-graphics-drivers-tesla-418 418.87.01-1
Control: retitle -4 nvidia-graphics-drivers-tesla-418: CVE-2023-25515, 
CVE-2023-25516
Control: tag -4 + wontfix
Control: reassign -5 src:nvidia-graphics-drivers-tesla-450 450.51.05-1
Control: retitle -5 nvidia-graphics-drivers-tesla-450: CVE-2023-25515, 
CVE-2023-25516
Control: reassign -6 src:nvidia-graphics-drivers-tesla-460 460.32.03-1
Control: retitle -6 nvidia-graphics-drivers-tesla-460: CVE-2023-25515, 
CVE-2023-25516
Control: tag -6 + wontfix
Control: close -6 460.106.00-3
Control: reassign -7 src:nvidia-graphics-drivers-tesla-470 470.57.02-1
Control: retitle -7 nvidia-graphics-drivers-tesla-470: CVE-2023-25515, 
CVE-2023-25516
Control: reassign -8 src:nvidia-graphics-drivers-tesla 510.85.02-1
Control: retitle -8 nvidia-graphics-drivers-tesla: CVE-2023-25515, 
CVE-2023-25516
Control: found -8 515.48.07-1
Control: found -8 525.60.13-1
Control: reassign -9 src:nvidia-open-gpu-kernel-modules 515.43.04-1
Control: retitle -9 nvidia-open-gpu-kernel-modules: CVE-2023-25515, 
CVE-2023-25516
Control: found -9 520.56.06-1
Control: found -9 525.85.12-1
Control: found -9 530.30.02-1
Control: found -1 340.24-1
Control: found -1 343.22-1
Control: found -1 396.18-1
Control: found -1 430.14-1
Control: found -1 455.23.04-1
Control: found -1 465.24.02-1
Control: found -1 495.44-1
Control: found -1 515.48.07-1
Control: found -1 520.56.06-1
Control: found -1 525.53-1
Control: found -1 530.30.02-1

https://nvidia.custhelp.com/app/answers/detail/a_id/5468

CVE-2023-25515  NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability where unexpected untrusted data is parsed, which may
lead to code execution, denial of service, escalation of privileges,
data tampering, or information disclosure.

CVE-2023-25516  NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer, where an unprivileged user can
cause an integer overflow, which may lead to information disclosure and
denial of service.

Linux Driver Branch     CVE IDs Addressed
R535, R525, R470, R450  CVE-2023-25515, CVE-2023-25516

Driver Branch   Affected Driver Versions                        Updated Driver 
Version
R535            All driver versions prior to 535.54.03          535.54.03
R525            All driver versions prior to 525.125.06         525.125.06
R470            All driver versions prior to 470.199.02         470.199.02
R450            All driver versions prior to 450.248.02         450.248.02

Andreas

--- End Message ---

--- Begin Message ---

Source: nvidia-graphics-drivers-tesla
Source-Version: 525.125.06-1~deb12u1
Done: Andreas Beckmann <a...@debian.org>

We believe that the bug you reported is fixed in the latest version of
nvidia-graphics-drivers-tesla, which is due to be installed in the Debian FTP 
archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1039...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Andreas Beckmann <a...@debian.org> (supplier of updated 
nvidia-graphics-drivers-tesla package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Wed, 12 Jul 2023 18:07:03 +0200
Source: nvidia-graphics-drivers-tesla
Architecture: source
Version: 525.125.06-1~deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: Debian NVIDIA Maintainers <pkg-nvidia-de...@lists.alioth.debian.org>
Changed-By: Andreas Beckmann <a...@debian.org>
Closes: 1039678 1039685
Changes:
 nvidia-graphics-drivers-tesla (525.125.06-1~deb12u1) bookworm; urgency=medium
 .
   * Rebuild for bookworm.
 .
 nvidia-graphics-drivers-tesla (525.125.06-1) unstable; urgency=medium
 .
   * New upstream production branch release 525.125.06 (2023-05-09).
     * Fixed CVE-2023-25515, CVE-2023-25516.  (Closes: #1039685)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5468
     - Fixed a bug which prevented running a Wayland compositor in headless
       mode on GPUs without display hardware.
 .
   [ Andreas Beckmann ]
   * Update nv-readme.ids.
 .
 nvidia-graphics-drivers (525.125.06-1~deb12u1) bookworm; urgency=medium
 .
   * Rebuild for bookworm.
 .
 nvidia-graphics-drivers (525.125.06-1) unstable; urgency=medium
 .
   * New upstream production branch release 525.125.06 (2023-05-09).
     * Fixed CVE-2023-25515, CVE-2023-25516.  (Closes: #1039678)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5468
     - Fixed a bug which prevented running a Wayland compositor in headless
       mode on GPUs without display hardware.
 .
   [ Andreas Beckmann ]
   * Update nv-readme.ids.
 .
 nvidia-graphics-drivers (525.116.04-1) unstable; urgency=medium
 .
   * New upstream production branch release 525.116.04 (2023-05-09).
   * New upstream production branch release 525.116.03 (2023-04-25).
     - Fixed a regression in Luxmark performance between 525.89.02 and
       525.105.17.
     - Fixed a bug that could cause an unexpected
       VK_ERROR_NATIVE_WINDOW_IN_USE_KHR error in certain circumstances when
       recreating Vulkan surfaces.
     - Fixed a regression that caused brightness control to not vary
       smoothly across the range of values.
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * Update nv-readme.ids.
 .
 nvidia-graphics-drivers-tesla (525.105.17-2) unstable; urgency=medium
 .
   * Rebuild as Tesla driver.
 .
 nvidia-graphics-drivers (525.105.17-2) unstable; urgency=medium
 .
   * Backport drm_driver_has_dumb_destroy changes from 525.116.03 to fix kernel
     module build for Linux 6.4.
Checksums-Sha1:
 71ee3be81ca51cace32b54d496ecd3b8e5747a71 7797 
nvidia-graphics-drivers-tesla_525.125.06-1~deb12u1.dsc
 049695913ecf90fde7e34bdc5a57baf075f18e95 219480 
nvidia-graphics-drivers-tesla_525.125.06-1~deb12u1.debian.tar.xz
 f37f05c171e35d445cd97258ba9a276dc5ba1e52 5636 
nvidia-graphics-drivers-tesla_525.125.06-1~deb12u1_source.buildinfo
Checksums-Sha256:
 ae2362a1a5a6dca2d3140bdf71ab003bfb0e0750855570a96cdb902fec1b8bdf 7797 
nvidia-graphics-drivers-tesla_525.125.06-1~deb12u1.dsc
 604d859dd5c3a3d12edb9bc3a07b706bd66700399664dc7f74200a01283ca6c9 219480 
nvidia-graphics-drivers-tesla_525.125.06-1~deb12u1.debian.tar.xz
 3b9a3e7eeaaddda0d3a8185e2833e108187a7afe0da86fcc0a09766fc018d4ce 5636 
nvidia-graphics-drivers-tesla_525.125.06-1~deb12u1_source.buildinfo
Files:
 aa8918675f395e9c83fc07259a7fe878 7797 non-free/libs optional 
nvidia-graphics-drivers-tesla_525.125.06-1~deb12u1.dsc
 09094b04c923cc749384cac25b412bd7 219480 non-free/libs optional 
nvidia-graphics-drivers-tesla_525.125.06-1~deb12u1.debian.tar.xz
 740d4fe3853dc2467996c0e4416fbd1d 5636 non-free/libs optional 
nvidia-graphics-drivers-tesla_525.125.06-1~deb12u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJEBAEBCAAuFiEE6/MKMKjZxjvaRMaUX7M/k1np7QgFAmSu0lEQHGFuYmVAZGVi
aWFuLm9yZwAKCRBfsz+TWentCLO1EACeBlw6xf5w2Iml5UE5bJVWLoB0iSlXkzg6
HQtcIdb/dv1gs5KHr5Fdv8B3n0Ru4fQoixxlM9WXj88RERnZGes9omv1/h4M7qUi
69/kIDtmPDYJ/uyt6yHm4SOTxp1TqNnYT2mn1tu8hKXnVDTBBwbJF0YgzUWu5cYx
ITuxhDZWTjy31fZBmFsBuOq/4eT5E04qEulTshnZrdlOHz1faFkPXkL/sMm3Ej1z
90uja2yXp3NJp29TnJDtbEX5GVSGA2kp41OWKjEw3EXT84UPAIXms7uqCe1tWI2X
15Df/BT+lcUBGaPXyGIOHjXOBxCUZyXJ30MBhT5qeNqXEWG4TIXihXoTJzYYaEeH
dGUp5gqi6/DoqxPGoMwVMenHsmDQluWgLVengEWm3ngNeNwqwE5gxis4YLXrym+n
XLgyxXXbFlNRGd16zPjWdfn/LP5TozJZE9rKFoV0yhoSw7gFaP5aT8usKs+g10Jw
vqki7je00IgCGteLsV5YHgbGNTka05HFd3TzY4HYLcYHw72e2+uewUDE6hR4jqIv
K6A3kqpB9TnMT/ULiaav3Z13/bKugvCcWqONYoaLrVWa552dz2c0lsQR5etTXcPT
QMkqO35ommrR8LZyKb2gDYo0WQKwyl8ovU3Ke3KOL1VCaW0i+8ZmdwQKEBbdaRDz
Lr6UJFms2g==
=zXIW
-----END PGP SIGNATURE-----

--- End Message ---

Bug#1039678: marked as done (nvidia-graphics-drivers: CVE-2023-25515, CVE-2023-25516)

Reply via email to