[Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2020-5967/nvidia-graphics-drivers*

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
edcbeab5 by Salvatore Bonaccorso at 2020-06-26T20:52:54+02:00
Add CVE-2020-5967/nvidia-graphics-drivers*

- - - - -
a7b74f38 by Salvatore Bonaccorso at 2020-06-26T20:53:22+02:00
Update CVE-2020-5963 and associate with nvidia-graphics-drivers*

The upstream advisory in the Linux specific table references the CVE
affecting the NVIDIA driver for Linux. Thus moe from NFU to explicitly
listing the source packages.

Either the table is wrong or the CVE description.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -24170,7 +24170,17 @@ CVE-2020-5969
 CVE-2020-5968
 	RESERVED
 CVE-2020-5967 (NVIDIA Linux GPU Display Driver, all versions, contains a vulnerabilit ...)
-	TODO: check
+	- nvidia-graphics-drivers <unfixed> (bug #963766)
+	[buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
+	[stretch] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
+	- nvidia-graphics-drivers-legacy-390xx <unfixed>
+	[buster] - nvidia-graphics-drivers-legacy-390xx <no-dsa> (Non-free not supported)
+	- nvidia-graphics-drivers-legacy-340xx <unfixed>
+	[buster] - nvidia-graphics-drivers-legacy-340xx <no-dsa> (Non-free not supported)
+	[stretch] - nvidia-graphics-drivers-legacy-340xx <no-dsa> (Non-free not supported)
+	- nvidia-graphics-drivers-legacy-304xx <unfixed>
+	[stretch] - nvidia-graphics-drivers-legacy-304xx <no-dsa> (Non-free not supported)
+	NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/5031/kw/Security%20Bulletin
 CVE-2020-5966 (NVIDIA Windows GPU Display Driver, all versions, contains a vulnerabil ...)
 	NOT-FOR-US: NVIDIA Windows GPU Display Driver
 CVE-2020-5965 (NVIDIA Windows GPU Display Driver, all versions, contains a vulnerabil ...)
@@ -24178,7 +24188,17 @@ CVE-2020-5965 (NVIDIA Windows GPU Display Driver, all versions, contains a vulne
 CVE-2020-5964 (NVIDIA Windows GPU Display Driver, all versions, contains a vulnerabil ...)
 	NOT-FOR-US: NVIDIA Windows GPU Display Driver
 CVE-2020-5963 (NVIDIA Windows GPU Display Driver, all versions, contains a vulnerabil ...)
-	NOT-FOR-US: NVIDIA Windows GPU Display Driver
+	- nvidia-graphics-drivers <unfixed> (bug #963766)
+	[buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
+	[stretch] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
+	- nvidia-graphics-drivers-legacy-390xx <unfixed>
+	[buster] - nvidia-graphics-drivers-legacy-390xx <no-dsa> (Non-free not supported)
+	- nvidia-graphics-drivers-legacy-340xx <unfixed>
+	[buster] - nvidia-graphics-drivers-legacy-340xx <no-dsa> (Non-free not supported)
+	[stretch] - nvidia-graphics-drivers-legacy-340xx <no-dsa> (Non-free not supported)
+	- nvidia-graphics-drivers-legacy-304xx <unfixed>
+	[stretch] - nvidia-graphics-drivers-legacy-304xx <no-dsa> (Non-free not supported)
+	NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/5031/kw/Security%20Bulletin
 CVE-2020-5962 (NVIDIA Windows GPU Display Driver, all versions, contains a vulnerabil ...)
 	NOT-FOR-US: NVIDIA Windows GPU Display Driver
 CVE-2020-5961 (NVIDIA vGPU graphics driver for guest OS contains a vulnerability in w ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/7b050dbe55038ea4e3a4bed65f8dff9f8a6565f2...a7b74f3842d52fc22a8f90f7e23096b0808af437

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/7b050dbe55038ea4e3a4bed65f8dff9f8a6565f2...a7b74f3842d52fc22a8f90f7e23096b0808af437
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200626/3b7605fd/attachment-0001.html>