Bug#1072792: marked as done (nvidia-graphics-drivers: CVE-2024-0090, CVE-2024-0091, CVE-2024-0092)

Mon, 12 May 2025 11:39:20 -0700 

Your message dated Mon, 12 May 2025 18:34:35 +0000
with message-id <e1uexz1-0063sq...@fasolo.debian.org>
and subject line Bug#1072792: fixed in nvidia-graphics-drivers 550.90.07-1
has caused the Debian Bug report #1072792,
regarding nvidia-graphics-drivers: CVE-2024-0090, CVE-2024-0091, CVE-2024-0092
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1072792: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072792
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message --- 
Source: nvidia-graphics-drivers
Severity: serious
Tags: security upstream
X-Debbugs-Cc: Debian Security Team <t...@security.debian.org>
Control: clone -1 -2 -3 -4 -5 -6 -7 -8 -9
Control: reassign -2 src:nvidia-graphics-drivers-legacy-340xx 340.76-6
Control: retitle -2 nvidia-graphics-drivers-legacy-340xx: CVE-2024-0090, 
CVE-2024-0092
Control: tag -2 + wontfix
Control: reassign -3 src:nvidia-graphics-drivers-legacy-390xx 390.48-4
Control: retitle -3 nvidia-graphics-drivers-legacy-390xx: CVE-2024-0090, 
CVE-2024-0092
Control: tag -3 + wontfix
Control: reassign -4 src:nvidia-graphics-drivers-tesla-418 418.87.01-1
Control: retitle -4 nvidia-graphics-drivers-tesla-418: CVE-2024-0090, 
CVE-2024-0092
Control: tag -4 + wontfix
Control: reassign -5 src:nvidia-graphics-drivers-tesla-450 450.51.05-1
Control: retitle -5 nvidia-graphics-drivers-tesla-450: CVE-2024-0090, 
CVE-2024-0092
Control: tag -5 + wontfix
Control: close -5 450.248.02-4
Control: reassign -6 src:nvidia-graphics-drivers-tesla-460 460.32.03-1
Control: retitle -6 nvidia-graphics-drivers-tesla-460: CVE-2024-0090, 
CVE-2024-0092
Control: tag -6 + wontfix
Control: close -6 460.106.00-3
Control: reassign -7 src:nvidia-graphics-drivers-tesla-470 470.57.02-1
Control: retitle -7 nvidia-graphics-drivers-tesla-470: CVE-2024-0090, 
CVE-2024-0092
Control: reassign -8 src:nvidia-graphics-drivers-tesla 510.85.02-1
Control: retitle -8 nvidia-graphics-drivers-tesla: CVE-2024-0090, CVE-2024-0092
Control: found -8 515.48.07-1
Control: found -8 525.60.13-1
Control: tag -8 + wontfix
Control: close -8 525.147.05-6
Control: reassign -9 src:nvidia-open-gpu-kernel-modules 515.43.04-1
Control: retitle -9 nvidia-open-gpu-kernel-modules: CVE-2024-0090, 
CVE-2024-0091, CVE-2024-0092
Control: found -9 520.56.06-1
Control: found -9 525.85.12-1
Control: found -9 530.30.02-1
Control: found -9 535.43.02-1
Control: found -9 545.23.06-1
Control: found -9 550.40.07-1
Control: found -9 555.42.02-1
Control: found -1 340.24-1
Control: found -1 343.22-1
Control: found -1 396.18-1
Control: found -1 430.14-1
Control: found -1 455.23.04-1
Control: found -1 465.24.02-1
Control: found -1 495.44-1
Control: found -1 515.48.07-1
Control: found -1 520.56.06-1
Control: found -1 525.53-1
Control: found -1 530.30.02-1
Control: found -1 535.43.02-1
Control: found -1 545.23.06-1
Control: found -1 550.40.07-1
Control: found -1 555.42.02-1

https://nvidia.custhelp.com/app/answers/detail/a_id/5551

CVE-2024-0090   NVIDIA GPU driver for Windows and Linux contains a
vulnerability where a user can cause an out-of-bounds write. A
successful exploit of this vulnerability might lead to code execution,
denial of service, escalation of privileges, information disclosure, and
data tampering.

CVE-2024-0091   NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability where a user can cause an untrusted pointer dereference
by executing a driver API. A successful exploit of this vulnerability
might lead to denial of service, information disclosure, and data
tampering.

CVE-2024-0092   NVIDIA GPU Driver for Windows and Linux contains a
vulnerability where an improper check or improper handling of exception
conditions might lead to denial of service.

Linux Driver Branch     CVE IDs Addressed
R555, R550              CVE-2024-0090, CVE-2024-0091, CVE-2024-0092
R535, R470              CVE-2024-0090, CVE-2024-0092

Driver Branch   Affected Driver Versions                        Updated Driver 
Version
R555            All driver versions prior to 555.52.04          555.52.04
R550            All driver versions prior to 550.90.07          550.90.07
R535            All driver versions prior to 535.183.01         535.183.01
R470            All driver versions prior to 470.256.02         470.256.02


Andreas

--- End Message ---
--- Begin Message --- 
Source: nvidia-graphics-drivers
Source-Version: 550.90.07-1
Done: Andreas Beckmann <a...@debian.org>

We believe that the bug you reported is fixed in the latest version of
nvidia-graphics-drivers, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1072...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Andreas Beckmann <a...@debian.org> (supplier of updated nvidia-graphics-drivers 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Mon, 12 May 2025 20:04:34 +0200
Source: nvidia-graphics-drivers
Architecture: source
Version: 550.90.07-1
Distribution: experimental
Urgency: medium
Maintainer: Debian NVIDIA Maintainers <pkg-nvidia-de...@lists.alioth.debian.org>
Changed-By: Andreas Beckmann <a...@debian.org>
Closes: 1072792
Changes:
 nvidia-graphics-drivers (550.90.07-1) experimental; urgency=medium
 .
   * New upstream production and Tesla branch release 550.90.07 (2024-06-04).
     * Fixed CVE-2024-0090, CVE-2024-0091, CVE-2024-0092.  (Closes: #1072792)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5551
     - Temporarily disabled the GLX_EXT_buffer_age extension on Xwayland to
       work around a bug that could cause corruption.
     - Fixed a bug that could cause corruption when the GLX_EXT_buffer_age
       extension is used on X.org with PRIME render offloading.
 .
   [ Andreas Beckmann ]
   * Update nv-readme.ids.
   * Refresh patches.
Checksums-Sha1:
 195f7ac68f254befca8963c44833c04a5e68ed1e 7321 
nvidia-graphics-drivers_550.90.07-1.dsc
 21949bfe6568fdd02a7f6a117a0b1e3cbf11a156 306145369 
nvidia-graphics-drivers_550.90.07.orig-amd64.tar.gz
 f74d755765884f7ad607dffaebbef9ac810baa45 235966857 
nvidia-graphics-drivers_550.90.07.orig-arm64.tar.gz
 bfdb7d5739e6db39599513008600c4bbbefd1cba 140 
nvidia-graphics-drivers_550.90.07.orig.tar.gz
 9ab3c54610aa31f0b70f141c2cd40eb8a1c29727 238772 
nvidia-graphics-drivers_550.90.07-1.debian.tar.xz
 5c07a1124778c7b1823d2da822bf62cc1bb94b83 5441 
nvidia-graphics-drivers_550.90.07-1_source.buildinfo
Checksums-Sha256:
 92143e9e2d13386e4c52a17ba968bf789dd0794db5e0a4849dd92838080bbebd 7321 
nvidia-graphics-drivers_550.90.07-1.dsc
 219e282e3592c162327f468b8cc63fb464532c158b3cac03f9ee42790121988f 306145369 
nvidia-graphics-drivers_550.90.07.orig-amd64.tar.gz
 a7e6f24f23855f84b308b3bad33c048e56eb61b877616fef27bcf7dcd23432fb 235966857 
nvidia-graphics-drivers_550.90.07.orig-arm64.tar.gz
 70734ffe3104c847c8e6013640200ac8a630925a625e0240bf4943f7d1d36652 140 
nvidia-graphics-drivers_550.90.07.orig.tar.gz
 6d3a8b04670ee58a008daf55ac4c30048a390ff04a21c5b75f823538ef1f129c 238772 
nvidia-graphics-drivers_550.90.07-1.debian.tar.xz
 c5b42a895ebcfea6952ed6a3192a736254555b8425e78068b73040c6731804fa 5441 
nvidia-graphics-drivers_550.90.07-1_source.buildinfo
Files:
 4ffdb00d0ce30d786990a4d76641ea84 7321 non-free/libs optional 
nvidia-graphics-drivers_550.90.07-1.dsc
 e4fdf9a51872d23089051332f01b159d 306145369 non-free/libs optional 
nvidia-graphics-drivers_550.90.07.orig-amd64.tar.gz
 69dde715676f8327143967fac2144277 235966857 non-free/libs optional 
nvidia-graphics-drivers_550.90.07.orig-arm64.tar.gz
 1bfc67d631fbdd99e07b99b629499139 140 non-free/libs optional 
nvidia-graphics-drivers_550.90.07.orig.tar.gz
 d6ab278bd0052f989deaf6c7db7233f1 238772 non-free/libs optional 
nvidia-graphics-drivers_550.90.07-1.debian.tar.xz
 bbe864cbdda6ca539ca20f8929a17b9f 5441 non-free/libs optional 
nvidia-graphics-drivers_550.90.07-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJEBAEBCAAuFiEE6/MKMKjZxjvaRMaUX7M/k1np7QgFAmgiOYEQHGFuYmVAZGVi
aWFuLm9yZwAKCRBfsz+TWentCLL2D/oCXJv7b4d49LTbkHSKEC7cE7+NSjNLwuwZ
0ukK+RxcUSkd8vZDEiVCLn1+sJDPdSp2N235gM8nSNfIT9SvhIzCBpuzuWhmZF+l
OSUiRwvny5EJDYdGT4xuhqqVUqWpVXr7z9OYl8dvJgfMpOLfhszsSJ1TbZzDiJFg
RyV2pRIq2++YPwNbVRWjAc9uUodLgENuwxZCG6sRHa+/wbnMBWSP2jfbO42xmEoO
TlcqjFSuXYIaLmLkQDU44/4pmHMeTBfQkVw8V+7MZI/l5bJnHJhntsHR+vO7V3ok
YKpkm5gExaYaeXxVjcamN8PPxHCX8gHocTl+uzM2UV1i2zUvryhOQsAz7VCaxuFd
2bb4oW85JTssziD5N2QiS14BBr/3OEtVVCJSYg/A8JweQis1PX7TTH3NpvpmvYcN
0qqnA6JSIOBwUdEBMEa70gB7lsIXls1g7EEineb8+19JctPlyfouU2PDUtVebZtZ
D4hDXoiAV1Xw8EBt9gPUrjJAOC6gYFCoSLMEqdGQqsgPm1HqkjZoc1WiU4oFwCiU
BG8qOXc730Lt8pVcm3AoWXR3UBZN5xZopTmKdStWASmqMresYZo6ZgKIss6g1Kc4
ZlHRbCDIlqsryqerkRbn6tgOOniJVbKrgKPxhHP57Z3wGamVVF7eucdv2llrlomi
ufq2Z8LaTA==
=4giT
-----END PGP SIGNATURE-----

Attachment: pgpOriyUIcif5.pgp
Description: PGP signature


--- End Message ---

Reply via email to