Bug#1064983: marked as done (nvidia-graphics-drivers: CVE-2024-0074, CVE-2024-0075, CVE-2022-42265, CVE-2024-0078)

Debian Bug Tracking System Tue, 29 Apr 2025 00:54:19 -0700

Your message dated Tue, 29 Apr 2025 07:50:09 +0000
with message-id <e1u9fjf-006fwf...@fasolo.debian.org>
and subject line Bug#1064983: fixed in nvidia-graphics-drivers 550.54.15-1
has caused the Debian Bug report #1064983,
regarding nvidia-graphics-drivers: CVE-2024-0074, CVE-2024-0075, 
CVE-2022-42265, CVE-2024-0078
to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1064983: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064983
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Source: nvidia-graphics-drivers
Severity: serious
Tags: security upstream
X-Debbugs-Cc: Debian Security Team <t...@security.debian.org>
Control: clone -1 -2 -3 -4 -5 -6 -7 -8 -9
Control: reassign -2 src:nvidia-graphics-drivers-legacy-340xx 340.76-6
Control: retitle -2 nvidia-graphics-drivers-legacy-340xx: CVE-2024-0074, 
CVE-2022-42265, CVE-2024-0078
Control: tag -2 + wontfix
Control: reassign -3 src:nvidia-graphics-drivers-legacy-390xx 390.48-4
Control: retitle -3 nvidia-graphics-drivers-legacy-390xx: CVE-2024-0074, 
CVE-2022-42265, CVE-2024-0078
Control: tag -3 + wontfix
Control: reassign -4 src:nvidia-graphics-drivers-tesla-418 418.87.01-1
Control: retitle -4 nvidia-graphics-drivers-tesla-418: CVE-2024-0074, 
CVE-2022-42265, CVE-2024-0078
Control: tag -4 + wontfix
Control: reassign -5 src:nvidia-graphics-drivers-tesla-450 450.51.05-1
Control: retitle -5 nvidia-graphics-drivers-tesla-450: CVE-2024-0074, 
CVE-2022-42265, CVE-2024-0078
Control: tag -5 + wontfix
Control: close -5 450.248.02-4
Control: reassign -6 src:nvidia-graphics-drivers-tesla-460 460.32.03-1
Control: retitle -6 nvidia-graphics-drivers-tesla-460: CVE-2024-0074, 
CVE-2022-42265, CVE-2024-0078
Control: tag -6 + wontfix
Control: close -6 460.106.00-3
Control: reassign -7 src:nvidia-graphics-drivers-tesla-470 470.57.02-1
Control: retitle -7 nvidia-graphics-drivers-tesla-470: CVE-2024-0074, 
CVE-2022-42265, CVE-2024-0078
Control: reassign -8 src:nvidia-graphics-drivers-tesla 510.85.02-1
Control: retitle -8 nvidia-graphics-drivers-tesla: CVE-2024-0074, 
CVE-2024-0075, CVE-2024-0078
Control: found -8 515.48.07-1
Control: found -8 525.60.13-1
Control: tag -8 + wontfix
Control: close -8 525.147.05-6
Control: reassign -9 src:nvidia-open-gpu-kernel-modules 515.43.04-1
Control: retitle -9 nvidia-open-gpu-kernel-modules: CVE-2024-0074, 
CVE-2024-0075, CVE-2024-0078
Control: found -9 520.56.06-1
Control: found -9 525.85.12-1
Control: found -9 530.30.02-1
Control: found -9 535.43.02-1
Control: found -9 545.23.06-1
Control: found -9 550.40.07-1
Control: found -1 340.24-1
Control: found -1 343.22-1
Control: found -1 396.18-1
Control: found -1 430.14-1
Control: found -1 455.23.04-1
Control: found -1 465.24.02-1
Control: found -1 495.44-1
Control: found -1 515.48.07-1
Control: found -1 520.56.06-1
Control: found -1 525.53-1
Control: found -1 530.30.02-1
Control: found -1 535.43.02-1
Control: found -1 545.23.06-1
Control: found -1 550.40.07-1
Control: fixed -7 470.239.06-1

https://nvidia.custhelp.com/app/answers/detail/a_id/5520

CVE-2024-0074   NVIDIA GPU Display Driver for Linux contains a
vulnerability where an attacker may access a memory location after the
end of the buffer. A successful exploit of this vulnerability may lead
to denial of service and data tampering.

CVE-2024-0075   NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability where a user may cause a NULL-pointer dereference by
accessing passed parameters the validity of which has not been checked.
A successful exploit of this vulnerability may lead to denial of service
and limited information disclosure.

CVE-2024-0078   NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer, where a user in a guest can
cause a NULL-pointer dereference in the host, which may lead to denial
of service.

CVE-2022-42265  NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer handler, where an unprivileged
regular user can cause integer overflow, which may lead to denial of
service, information disclosure, and data tampering.

Linux Driver Branch     CVE IDs Addressed
R550, R545, R535        CVE-2024-0074, CVE-2024-0075
R470                    CVE-2024-0074, CVE-2022-42265

Driver Branch   Affected Driver Versions                        Updated Driver 
Version
R550            All driver versions prior to 550.54.14          550.54.14
R535            All driver versions prior to 535.161.07         535.161.07
R470            All driver versions prior to 470.239.06         470.239.06
R470            All driver versions prior to 470.223.02         470.223.02


Security Updates for NVIDIA vGPU Software
Security Updates for NVIDIA Cloud Gaming

Linux Driver Branch     CVE IDs Addressed
R535                    CVE-2024-0074, CVE-2024-0075, CVE-2024-0078
R470                    CVE-2024-0074, CVE-2024-0078, CVE-2022-42265

Andreas

--- End Message ---

--- Begin Message ---

Source: nvidia-graphics-drivers
Source-Version: 550.54.15-1
Done: Andreas Beckmann <a...@debian.org>

We believe that the bug you reported is fixed in the latest version of
nvidia-graphics-drivers, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1064...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Andreas Beckmann <a...@debian.org> (supplier of updated nvidia-graphics-drivers 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 29 Apr 2025 09:15:30 +0200
Source: nvidia-graphics-drivers
Architecture: source
Version: 550.54.15-1
Distribution: experimental
Urgency: medium
Maintainer: Debian NVIDIA Maintainers <pkg-nvidia-de...@lists.alioth.debian.org>
Changed-By: Andreas Beckmann <a...@debian.org>
Closes: 1064983 1072722
Changes:
 nvidia-graphics-drivers (550.54.15-1) experimental; urgency=medium
 .
   * New upstream Tesla branch release 550.54.15 (2024-03-18).
     * This is the last driver release supporting the ppc64el architecture.
   * New upstream production and Tesla branch release 550.54.14 (2024-02-23).
     * Fixed CVE-2024-0074, CVE-2024-0075, CVE-2024-0078.  (Closes: #1064983)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5520
     - Fixed a bug that caused HDMI FRL displays to flicker or blank when
       enabling VRR with 8 bits per color channel.
     - Fixed a regression introduced with the 550.40.07 beta driver which
       caused corrupted window decorations in some applications when running
       on GNOME.
     - Fixed a bug where vkAcquireNextImageKHR() was not returning
       VK_ERROR_OUT_OF_DATE_KHR when it should with WSI X11 swapchains.
     - Fixed a bug where fences passed to VkSwapchainPresentFenceInfoEXT could
       signal earlier than expected when a WSI X11 swapchain becomes out of 
date.
     - Fixed Xid errors on Hogwarts Legacy and Forza Horizon 4.
     * Improved compatibility with recent Linux kernels.
   * New upstream release 535 series.
     - Fixed a regression which prevented some Vulkan applications from
       receiving VK_DEVICE_LOST upon a VT switch, which could lead to the
       application hanging or behaving incorrectly.
 .
   [ Andreas Beckmann ]
   * Merge changes from 535.161.08-3.  (Closes: #1072722)
   * Refresh patches.
   * Update nv-readme.ids.
   * Update symbols files.
   * libcuda1: Add Provides: libcuda-12.4-1.
Checksums-Sha1:
 c9cd32ee870b1ac7ed50ff9e9db4863e9f65ecc1 8004 
nvidia-graphics-drivers_550.54.15-1.dsc
 9ba4069635e82b73ac5e21a84fb8b18349c7f3d5 305592449 
nvidia-graphics-drivers_550.54.15.orig-amd64.tar.gz
 6d8928eb8c728dd2b329163ceb453ef8bde5edfa 235555719 
nvidia-graphics-drivers_550.54.15.orig-arm64.tar.gz
 4b98ca93bc6425b0f481af680875b8d9a53c6cbe 98523127 
nvidia-graphics-drivers_550.54.15.orig-ppc64el.tar.gz
 97540c8d3017832a6b2e1a0613c7e39835601301 138 
nvidia-graphics-drivers_550.54.15.orig.tar.gz
 d1bd11e8808700b25f502378645b5edaa9f9e8e3 240864 
nvidia-graphics-drivers_550.54.15-1.debian.tar.xz
 db34fb7363e4e5f5dc6bc48104d448c0802200df 5438 
nvidia-graphics-drivers_550.54.15-1_source.buildinfo
Checksums-Sha256:
 23470e159991bff4a47c6e39d14f5ca79b6d9a994c726814441ba5ec66819dd1 8004 
nvidia-graphics-drivers_550.54.15-1.dsc
 f5ffbcd97466972e6222f297da7cb711305766a0a8f01e88aee01db9eb6e2a19 305592449 
nvidia-graphics-drivers_550.54.15.orig-amd64.tar.gz
 a51c77be2c09b29b95d99232a4e99f85f8c9f5be961cbe769cfa0aa15b190028 235555719 
nvidia-graphics-drivers_550.54.15.orig-arm64.tar.gz
 ca481ce3df5dcffcb5de8fd1f33d87c91e2025ad8f6be878aa92bed17ba6da63 98523127 
nvidia-graphics-drivers_550.54.15.orig-ppc64el.tar.gz
 bd8a69bc6f34b46951b43bb2c9c60017b27b24a43157d3485e24df119e114ca2 138 
nvidia-graphics-drivers_550.54.15.orig.tar.gz
 ae0cfda88d7e5286ab48ef47aca98a4e80ceb963bfbfc4f22ef930dbab42313b 240864 
nvidia-graphics-drivers_550.54.15-1.debian.tar.xz
 ca3be809d1f3f2b7dacbe179dbe1dfb91022709df7e3618bd5509e88d6fc2e4d 5438 
nvidia-graphics-drivers_550.54.15-1_source.buildinfo
Files:
 0a8e6018a1f522a0ab6d0d8cb9c638c3 8004 non-free/libs optional 
nvidia-graphics-drivers_550.54.15-1.dsc
 e76a75317d1fe9963202cabcf470a66f 305592449 non-free/libs optional 
nvidia-graphics-drivers_550.54.15.orig-amd64.tar.gz
 50402a0f6d2e6d9582598c6abfb79358 235555719 non-free/libs optional 
nvidia-graphics-drivers_550.54.15.orig-arm64.tar.gz
 2e038e65db3c399c01a955fb42d7ad4c 98523127 non-free/libs optional 
nvidia-graphics-drivers_550.54.15.orig-ppc64el.tar.gz
 65aade5a6de87a0fa53f98c2d0f77874 138 non-free/libs optional 
nvidia-graphics-drivers_550.54.15.orig.tar.gz
 70375074f4f2aaa7101373dfcb45a921 240864 non-free/libs optional 
nvidia-graphics-drivers_550.54.15-1.debian.tar.xz
 43daa87118e4f38b73c392307616b590 5438 non-free/libs optional 
nvidia-graphics-drivers_550.54.15-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJEBAEBCAAuFiEE6/MKMKjZxjvaRMaUX7M/k1np7QgFAmgQgFsQHGFuYmVAZGVi
aWFuLm9yZwAKCRBfsz+TWentCC7xD/97tADRUZHnlAv0qogbOYLiB7D/mQTMWzvx
ebqbnS1Udc5vvAOsQCbgCiq09650jhnBExSi4c2/YlfQHO6oV/2QhLbMPv9Xvx5B
VjvoWAxrKyJ7I/CHHoGN/xVtxCAHMsy0/pm9f0lttwCJdKGvbib6Q9fOSS9q+4zO
oxpQdIDm+czvpKMb365usxcoSBx/VdUoTG3FntY79JUkBZdrx4CQq+I++dqviIIP
LRcBgjIkqD1xE3sgu7M8jRiQI8JlMgkjemWUG+Ev/aIEunsvEnQqbw9KCCXRZVib
4pfPlS8snlYqRUYZUeBa7oJywJPJdBtHJfN7jfb7U3x9ek5pdZpI0bKSimKmcste
qcJ+d3ixCqXa2l1TY6pAkGvRCct25DfwglAFl+tW2XTpyx4tcI0IcYlAzIY0MPLg
kqzoa5y4Q6Q1MbZ0jqKnSxZQ1z4Dvx2gO6Gjwa6raR4E6s5JW471gHejMHxwImFp
wN4XYFesqipvMdeSvZ55wKLhTCFVVFxMZJDfTAVfD3ZQuXQ+eeaGGK2KU9GK6rir
ybfUfOmKu5h94msdaoF/vECY+BCqGi/V3Udap/CW/vqn3O5qD/PMKPIN4f10oflZ
2YzNR6QMz8pHW6yOa8Rlv1OFie3UKALVmcqHewMDGgGGzXOalGZ6+sXU3joQQ+Kd
TBoiflxY+g==
=5/Y9
-----END PGP SIGNATURE-----

pgpvfLKNT2fKL.pgp
Description: PGP signature

--- End Message ---

Bug#1064983: marked as done (nvidia-graphics-drivers: CVE-2024-0074, CVE-2024-0075, CVE-2022-42265, CVE-2024-0078)

Reply via email to