[Git][security-tracker-team/security-tracker][master] Add three more CVEs for nvidia graphics drivers update

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e7a5d063 by Salvatore Bonaccorso at 2025-10-12T18:09:16+02:00
Add three more CVEs for nvidia graphics drivers update

They are referenced in
https://nvidia.custhelp.com/app/answers/detail/a_id/5703 , but the
advisory is not very transparent. The CVEs are listed in the "CVEs
Addressed in Each Linux Driver Branch" section as well.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -366,6 +366,106 @@ CVE-2025-25017 (Improper Neutralization of Input During Web Page Generation in K
 	- kibana <itp> (bug #700337)
 CVE-2025-23309 (NVIDIA Display Driver contains a vulnerability where an uncontrolled D ...)
 	NOT-FOR-US: NVIDIA display drivers for Windows
+CVE-2025-23345
+	- nvidia-graphics-drivers <unfixed>
+	[trixie] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
+	[bookworm] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
+	- nvidia-graphics-drivers-legacy-340xx <unfixed>
+	- nvidia-graphics-drivers-legacy-390xx <unfixed>
+	- nvidia-graphics-drivers-tesla-418 <unfixed>
+	- nvidia-graphics-drivers-tesla-450 450.248.02-4
+	NOTE: 450.248.02-4 turned the package into a metapackage to aid switching to nvidia-graphics-drivers-tesla-470
+	- nvidia-graphics-drivers-tesla-460 460.106.00-3
+	NOTE: 460.106.00-3 turned the package into a metapackage to aid switching to nvidia-graphics-drivers-tesla-470
+	- nvidia-graphics-drivers-tesla-470 <unfixed>
+	[bookworm] - nvidia-graphics-drivers-tesla-470 <no-dsa> (Non-free not supported)
+	[bullseye] - nvidia-graphics-drivers-tesla-470 <ignored> (Non-free not supported)
+	- nvidia-graphics-drivers-tesla 525.147.05-6
+	NOTE: 525.147.05-6 turned the package into a metapackage to aid switching to nvidia-graphics-drivers
+	- nvidia-open-gpu-kernel-modules <unfixed>
+	[trixie] - nvidia-open-gpu-kernel-modules <no-dsa> (Contrib not supported)
+	[bookworm] - nvidia-open-gpu-kernel-modules <no-dsa> (Contrib not supported)
+	[experimental] - nvidia-graphics-drivers-tesla-535 535.261.03-1
+	- nvidia-graphics-drivers-tesla-535 <unfixed>
+	[trixie] - nvidia-graphics-drivers-tesla-535 <no-dsa> (Non-free not supported)
+	[bookworm] - nvidia-graphics-drivers-tesla-535 <no-dsa> (Non-free not supported)
+	- nvidia-graphics-drivers-tesla-550 <unfixed>
+	NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/5703
+CVE-2025-23332
+	- nvidia-graphics-drivers <unfixed>
+	[trixie] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
+	[bookworm] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
+	- nvidia-graphics-drivers-legacy-340xx <unfixed>
+	- nvidia-graphics-drivers-legacy-390xx <unfixed>
+	- nvidia-graphics-drivers-tesla-418 <unfixed>
+	- nvidia-graphics-drivers-tesla-450 450.248.02-4
+	NOTE: 450.248.02-4 turned the package into a metapackage to aid switching to nvidia-graphics-drivers-tesla-470
+	- nvidia-graphics-drivers-tesla-460 460.106.00-3
+	NOTE: 460.106.00-3 turned the package into a metapackage to aid switching to nvidia-graphics-drivers-tesla-470
+	- nvidia-graphics-drivers-tesla-470 <unfixed>
+	[bookworm] - nvidia-graphics-drivers-tesla-470 <no-dsa> (Non-free not supported)
+	[bullseye] - nvidia-graphics-drivers-tesla-470 <ignored> (Non-free not supported)
+	- nvidia-graphics-drivers-tesla 525.147.05-6
+	NOTE: 525.147.05-6 turned the package into a metapackage to aid switching to nvidia-graphics-drivers
+	- nvidia-open-gpu-kernel-modules <unfixed>
+	[trixie] - nvidia-open-gpu-kernel-modules <no-dsa> (Contrib not supported)
+	[bookworm] - nvidia-open-gpu-kernel-modules <no-dsa> (Contrib not supported)
+	[experimental] - nvidia-graphics-drivers-tesla-535 535.261.03-1
+	- nvidia-graphics-drivers-tesla-535 <unfixed>
+	[trixie] - nvidia-graphics-drivers-tesla-535 <no-dsa> (Non-free not supported)
+	[bookworm] - nvidia-graphics-drivers-tesla-535 <no-dsa> (Non-free not supported)
+	- nvidia-graphics-drivers-tesla-550 <unfixed>
+	NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/5703
+CVE-2025-23330
+	- nvidia-graphics-drivers <unfixed>
+	[trixie] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
+	[bookworm] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
+	- nvidia-graphics-drivers-legacy-340xx <unfixed>
+	- nvidia-graphics-drivers-legacy-390xx <unfixed>
+	- nvidia-graphics-drivers-tesla-418 <unfixed>
+	- nvidia-graphics-drivers-tesla-450 450.248.02-4
+	NOTE: 450.248.02-4 turned the package into a metapackage to aid switching to nvidia-graphics-drivers-tesla-470
+	- nvidia-graphics-drivers-tesla-460 460.106.00-3
+	NOTE: 460.106.00-3 turned the package into a metapackage to aid switching to nvidia-graphics-drivers-tesla-470
+	- nvidia-graphics-drivers-tesla-470 <unfixed>
+	[bookworm] - nvidia-graphics-drivers-tesla-470 <no-dsa> (Non-free not supported)
+	[bullseye] - nvidia-graphics-drivers-tesla-470 <ignored> (Non-free not supported)
+	- nvidia-graphics-drivers-tesla 525.147.05-6
+	NOTE: 525.147.05-6 turned the package into a metapackage to aid switching to nvidia-graphics-drivers
+	- nvidia-open-gpu-kernel-modules <unfixed>
+	[trixie] - nvidia-open-gpu-kernel-modules <no-dsa> (Contrib not supported)
+	[bookworm] - nvidia-open-gpu-kernel-modules <no-dsa> (Contrib not supported)
+	[experimental] - nvidia-graphics-drivers-tesla-535 535.261.03-1
+	- nvidia-graphics-drivers-tesla-535 <unfixed>
+	[trixie] - nvidia-graphics-drivers-tesla-535 <no-dsa> (Non-free not supported)
+	[bookworm] - nvidia-graphics-drivers-tesla-535 <no-dsa> (Non-free not supported)
+	- nvidia-graphics-drivers-tesla-550 <unfixed>
+	NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/5703
+CVE-2025-23300
+	- nvidia-graphics-drivers <unfixed>
+	[trixie] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
+	[bookworm] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
+	- nvidia-graphics-drivers-legacy-340xx <unfixed>
+	- nvidia-graphics-drivers-legacy-390xx <unfixed>
+	- nvidia-graphics-drivers-tesla-418 <unfixed>
+	- nvidia-graphics-drivers-tesla-450 450.248.02-4
+	NOTE: 450.248.02-4 turned the package into a metapackage to aid switching to nvidia-graphics-drivers-tesla-470
+	- nvidia-graphics-drivers-tesla-460 460.106.00-3
+	NOTE: 460.106.00-3 turned the package into a metapackage to aid switching to nvidia-graphics-drivers-tesla-470
+	- nvidia-graphics-drivers-tesla-470 <unfixed>
+	[bookworm] - nvidia-graphics-drivers-tesla-470 <no-dsa> (Non-free not supported)
+	[bullseye] - nvidia-graphics-drivers-tesla-470 <ignored> (Non-free not supported)
+	- nvidia-graphics-drivers-tesla 525.147.05-6
+	NOTE: 525.147.05-6 turned the package into a metapackage to aid switching to nvidia-graphics-drivers
+	- nvidia-open-gpu-kernel-modules <unfixed>
+	[trixie] - nvidia-open-gpu-kernel-modules <no-dsa> (Contrib not supported)
+	[bookworm] - nvidia-open-gpu-kernel-modules <no-dsa> (Contrib not supported)
+	[experimental] - nvidia-graphics-drivers-tesla-535 535.261.03-1
+	- nvidia-graphics-drivers-tesla-535 <unfixed>
+	[trixie] - nvidia-graphics-drivers-tesla-535 <no-dsa> (Non-free not supported)
+	[bookworm] - nvidia-graphics-drivers-tesla-535 <no-dsa> (Non-free not supported)
+	- nvidia-graphics-drivers-tesla-550 <unfixed>
+	NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/5703
 CVE-2025-23282 (NVIDIA Display Driver for Linux contains a vulnerability where an atta ...)
 	- nvidia-graphics-drivers <unfixed>
 	[trixie] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e7a5d063ca327cd806d444470123cc7f94ce8269

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e7a5d063ca327cd806d444470123cc7f94ce8269
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251012/406b6b96/attachment.htm>