Bug#1072792: nvidia-graphics-drivers: CVE-2024-0090, CVE-2024-0091, CVE-2024-0092
Andreas Beckmann
anbe at debian.org
Fri Jun 7 23:03:47 BST 2024
Source: nvidia-graphics-drivers
Severity: serious
Tags: security upstream
X-Debbugs-Cc: Debian Security Team <team at security.debian.org>
Control: clone -1 -2 -3 -4 -5 -6 -7 -8 -9
Control: reassign -2 src:nvidia-graphics-drivers-legacy-340xx 340.76-6
Control: retitle -2 nvidia-graphics-drivers-legacy-340xx: CVE-2024-0090, CVE-2024-0092
Control: tag -2 + wontfix
Control: reassign -3 src:nvidia-graphics-drivers-legacy-390xx 390.48-4
Control: retitle -3 nvidia-graphics-drivers-legacy-390xx: CVE-2024-0090, CVE-2024-0092
Control: tag -3 + wontfix
Control: reassign -4 src:nvidia-graphics-drivers-tesla-418 418.87.01-1
Control: retitle -4 nvidia-graphics-drivers-tesla-418: CVE-2024-0090, CVE-2024-0092
Control: tag -4 + wontfix
Control: reassign -5 src:nvidia-graphics-drivers-tesla-450 450.51.05-1
Control: retitle -5 nvidia-graphics-drivers-tesla-450: CVE-2024-0090, CVE-2024-0092
Control: tag -5 + wontfix
Control: close -5 450.248.02-4
Control: reassign -6 src:nvidia-graphics-drivers-tesla-460 460.32.03-1
Control: retitle -6 nvidia-graphics-drivers-tesla-460: CVE-2024-0090, CVE-2024-0092
Control: tag -6 + wontfix
Control: close -6 460.106.00-3
Control: reassign -7 src:nvidia-graphics-drivers-tesla-470 470.57.02-1
Control: retitle -7 nvidia-graphics-drivers-tesla-470: CVE-2024-0090, CVE-2024-0092
Control: reassign -8 src:nvidia-graphics-drivers-tesla 510.85.02-1
Control: retitle -8 nvidia-graphics-drivers-tesla: CVE-2024-0090, CVE-2024-0092
Control: found -8 515.48.07-1
Control: found -8 525.60.13-1
Control: tag -8 + wontfix
Control: close -8 525.147.05-6
Control: reassign -9 src:nvidia-open-gpu-kernel-modules 515.43.04-1
Control: retitle -9 nvidia-open-gpu-kernel-modules: CVE-2024-0090, CVE-2024-0091, CVE-2024-0092
Control: found -9 520.56.06-1
Control: found -9 525.85.12-1
Control: found -9 530.30.02-1
Control: found -9 535.43.02-1
Control: found -9 545.23.06-1
Control: found -9 550.40.07-1
Control: found -9 555.42.02-1
Control: found -1 340.24-1
Control: found -1 343.22-1
Control: found -1 396.18-1
Control: found -1 430.14-1
Control: found -1 455.23.04-1
Control: found -1 465.24.02-1
Control: found -1 495.44-1
Control: found -1 515.48.07-1
Control: found -1 520.56.06-1
Control: found -1 525.53-1
Control: found -1 530.30.02-1
Control: found -1 535.43.02-1
Control: found -1 545.23.06-1
Control: found -1 550.40.07-1
Control: found -1 555.42.02-1
https://nvidia.custhelp.com/app/answers/detail/a_id/5551
CVE-2024-0090 NVIDIA GPU driver for Windows and Linux contains a
vulnerability where a user can cause an out-of-bounds write. A
successful exploit of this vulnerability might lead to code execution,
denial of service, escalation of privileges, information disclosure, and
data tampering.
CVE-2024-0091 NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability where a user can cause an untrusted pointer dereference
by executing a driver API. A successful exploit of this vulnerability
might lead to denial of service, information disclosure, and data
tampering.
CVE-2024-0092 NVIDIA GPU Driver for Windows and Linux contains a
vulnerability where an improper check or improper handling of exception
conditions might lead to denial of service.
Linux Driver Branch CVE IDs Addressed
R555, R550 CVE-2024-0090, CVE-2024-0091, CVE-2024-0092
R535, R470 CVE-2024-0090, CVE-2024-0092
Driver Branch Affected Driver Versions Updated Driver Version
R555 All driver versions prior to 555.52.04 555.52.04
R550 All driver versions prior to 550.90.07 550.90.07
R535 All driver versions prior to 535.183.01 535.183.01
R470 All driver versions prior to 470.256.02 470.256.02
Andreas
More information about the pkg-nvidia-devel
mailing list