Your message dated Mon, 12 May 2025 18:35:05 +0000
with message-id <e1uexzv-0063vk...@fasolo.debian.org>
and subject line Bug#1072800: fixed in nvidia-open-gpu-kernel-modules
550.90.07-1
has caused the Debian Bug report #1072800,
regarding nvidia-open-gpu-kernel-modules: CVE-2024-0090, CVE-2024-0091,
CVE-2024-0092
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1072800: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072800
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: nvidia-graphics-drivers
Severity: serious
Tags: security upstream
X-Debbugs-Cc: Debian Security Team <t...@security.debian.org>
Control: clone -1 -2 -3 -4 -5 -6 -7 -8 -9
Control: reassign -2 src:nvidia-graphics-drivers-legacy-340xx 340.76-6
Control: retitle -2 nvidia-graphics-drivers-legacy-340xx: CVE-2024-0090,
CVE-2024-0092
Control: tag -2 + wontfix
Control: reassign -3 src:nvidia-graphics-drivers-legacy-390xx 390.48-4
Control: retitle -3 nvidia-graphics-drivers-legacy-390xx: CVE-2024-0090,
CVE-2024-0092
Control: tag -3 + wontfix
Control: reassign -4 src:nvidia-graphics-drivers-tesla-418 418.87.01-1
Control: retitle -4 nvidia-graphics-drivers-tesla-418: CVE-2024-0090,
CVE-2024-0092
Control: tag -4 + wontfix
Control: reassign -5 src:nvidia-graphics-drivers-tesla-450 450.51.05-1
Control: retitle -5 nvidia-graphics-drivers-tesla-450: CVE-2024-0090,
CVE-2024-0092
Control: tag -5 + wontfix
Control: close -5 450.248.02-4
Control: reassign -6 src:nvidia-graphics-drivers-tesla-460 460.32.03-1
Control: retitle -6 nvidia-graphics-drivers-tesla-460: CVE-2024-0090,
CVE-2024-0092
Control: tag -6 + wontfix
Control: close -6 460.106.00-3
Control: reassign -7 src:nvidia-graphics-drivers-tesla-470 470.57.02-1
Control: retitle -7 nvidia-graphics-drivers-tesla-470: CVE-2024-0090,
CVE-2024-0092
Control: reassign -8 src:nvidia-graphics-drivers-tesla 510.85.02-1
Control: retitle -8 nvidia-graphics-drivers-tesla: CVE-2024-0090, CVE-2024-0092
Control: found -8 515.48.07-1
Control: found -8 525.60.13-1
Control: tag -8 + wontfix
Control: close -8 525.147.05-6
Control: reassign -9 src:nvidia-open-gpu-kernel-modules 515.43.04-1
Control: retitle -9 nvidia-open-gpu-kernel-modules: CVE-2024-0090,
CVE-2024-0091, CVE-2024-0092
Control: found -9 520.56.06-1
Control: found -9 525.85.12-1
Control: found -9 530.30.02-1
Control: found -9 535.43.02-1
Control: found -9 545.23.06-1
Control: found -9 550.40.07-1
Control: found -9 555.42.02-1
Control: found -1 340.24-1
Control: found -1 343.22-1
Control: found -1 396.18-1
Control: found -1 430.14-1
Control: found -1 455.23.04-1
Control: found -1 465.24.02-1
Control: found -1 495.44-1
Control: found -1 515.48.07-1
Control: found -1 520.56.06-1
Control: found -1 525.53-1
Control: found -1 530.30.02-1
Control: found -1 535.43.02-1
Control: found -1 545.23.06-1
Control: found -1 550.40.07-1
Control: found -1 555.42.02-1
https://nvidia.custhelp.com/app/answers/detail/a_id/5551
CVE-2024-0090 NVIDIA GPU driver for Windows and Linux contains a
vulnerability where a user can cause an out-of-bounds write. A
successful exploit of this vulnerability might lead to code execution,
denial of service, escalation of privileges, information disclosure, and
data tampering.
CVE-2024-0091 NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability where a user can cause an untrusted pointer dereference
by executing a driver API. A successful exploit of this vulnerability
might lead to denial of service, information disclosure, and data
tampering.
CVE-2024-0092 NVIDIA GPU Driver for Windows and Linux contains a
vulnerability where an improper check or improper handling of exception
conditions might lead to denial of service.
Linux Driver Branch CVE IDs Addressed
R555, R550 CVE-2024-0090, CVE-2024-0091, CVE-2024-0092
R535, R470 CVE-2024-0090, CVE-2024-0092
Driver Branch Affected Driver Versions Updated Driver
Version
R555 All driver versions prior to 555.52.04 555.52.04
R550 All driver versions prior to 550.90.07 550.90.07
R535 All driver versions prior to 535.183.01 535.183.01
R470 All driver versions prior to 470.256.02 470.256.02
Andreas
--- End Message ---
--- Begin Message ---
Source: nvidia-open-gpu-kernel-modules
Source-Version: 550.90.07-1
Done: Andreas Beckmann <a...@debian.org>
We believe that the bug you reported is fixed in the latest version of
nvidia-open-gpu-kernel-modules, which is due to be installed in the Debian FTP
archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 1072...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Andreas Beckmann <a...@debian.org> (supplier of updated
nvidia-open-gpu-kernel-modules package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Mon, 12 May 2025 20:07:19 +0200
Source: nvidia-open-gpu-kernel-modules
Architecture: source
Version: 550.90.07-1
Distribution: experimental
Urgency: medium
Maintainer: Debian NVIDIA Maintainers <pkg-nvidia-de...@lists.alioth.debian.org>
Changed-By: Andreas Beckmann <a...@debian.org>
Closes: 1072800
Changes:
nvidia-open-gpu-kernel-modules (550.90.07-1) experimental; urgency=medium
.
* New upstream production and Tesla branch release 550.90.07 (2024-06-04).
* Fixed CVE-2024-0090, CVE-2024-0091, CVE-2024-0092. (Closes: #1072800)
https://nvidia.custhelp.com/app/answers/detail/a_id/5551
* Sync with src:nvidia-graphics-drivers.
* Refresh patches.
Checksums-Sha1:
1f380137a62cc9936ac0c54f32e49f78d06a5721 2674
nvidia-open-gpu-kernel-modules_550.90.07-1.dsc
179867cef9b21fc14375ef50443cb7e0c47c88b8 13504752
nvidia-open-gpu-kernel-modules_550.90.07.orig.tar.xz
f5450118dc5adcbe047c00e9faefd52fea5d9309 38832
nvidia-open-gpu-kernel-modules_550.90.07-1.debian.tar.xz
ba560ad3efbdd2732c04549ef0c93b87b3055e4a 5535
nvidia-open-gpu-kernel-modules_550.90.07-1_source.buildinfo
Checksums-Sha256:
98712fbf13af726a4f8861d1633716fbda7368612cce989db370ffe9dc818769 2674
nvidia-open-gpu-kernel-modules_550.90.07-1.dsc
5f9e56eb6918fa5435489b92781403aef65db10991979051648d521bc9ec13e8 13504752
nvidia-open-gpu-kernel-modules_550.90.07.orig.tar.xz
3919427957f26f13e8e4ea91f992d50cec2fba58c13c40ccaf8bb72b11548449 38832
nvidia-open-gpu-kernel-modules_550.90.07-1.debian.tar.xz
8a672cadd4086ff92d7d20715700f0bc7555f30ad84e3c17de7ab9ac53675ca7 5535
nvidia-open-gpu-kernel-modules_550.90.07-1_source.buildinfo
Files:
c10906ac247580935f10a8f96a96708e 2674 contrib/kernel optional
nvidia-open-gpu-kernel-modules_550.90.07-1.dsc
f30957c3fe680e7970faf0c08379f773 13504752 contrib/kernel optional
nvidia-open-gpu-kernel-modules_550.90.07.orig.tar.xz
adbb30633b1593875763a7a0f8334263 38832 contrib/kernel optional
nvidia-open-gpu-kernel-modules_550.90.07-1.debian.tar.xz
b38177ccfaf46e66685d434fb437579e 5535 contrib/kernel optional
nvidia-open-gpu-kernel-modules_550.90.07-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJEBAEBCAAuFiEE6/MKMKjZxjvaRMaUX7M/k1np7QgFAmgiOfwQHGFuYmVAZGVi
aWFuLm9yZwAKCRBfsz+TWentCBQWD/9dU2AFXlbTIOUlFQe2HdOElF8ywq34qzQY
7+wRyaP7UZqs02AsMVng6X1XMsy3qu7qbVIfdTc3z96x8HL3/fPPd61Kv078kcPc
miK1D+3SyDlpZ7RTt6iA8UUUYcLgKOqr8AInV+bMlZi1C232GmT6zZzFdAeYyyos
wi6JuzK5MfFFVehwiBXd8nxu6bIJyWOn7wd9quVB2d4PAlYLm7/ucDb4zE4Gkd5S
uSlgrg/3P5RyBJ//pgW7UuVjN2XSdDGeJiS27h7DSsY4L0NC5S4b3fvpYz7x54nr
1/udVFhCkNzSGaNlqjlOaXFI3RtmVG/GmD915hDaYkjihAz0bO8WsFuMFmYp7paK
feIW+00zBF9piCWM7jeh0vzvGiHVf9KAjxsShB9jKr2u1n1tWYIJ79HyZdTSsxLJ
449tytdmkk5xkzTxLhxMcdTNnZrr803pB2NQtnx+ok7II4jTkr+fuNZ5g7QPEvdQ
F+lnbeacdClGhdQjr+iaygrIiRXeWMZ6tEOF/L1QBU8J9Cc/BMABSfPfFrUweBjR
UeY9PsVA7tBF9N/X6nobyAcH59jPiDvbXtIn/8o1TTT3alqdge9EoJHnGDavqiuM
RZ869ANnfgj/L6PA9APMrM4bW8ztDPKLegboH5XauaWQTbtO3JZlSdzu/zm5zfEL
Gf32bLa3RQ==
=PI4h
-----END PGP SIGNATURE-----
pgpsh3gQVvZfd.pgp
Description: PGP signature
--- End Message ---
