Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2024:0770-1

Опубликовано: 05 мар. 2024
Источник: suse-cvrf

Описание

Security update for kernel-firmware-nvidia-gspx-G06, nvidia-open-driver-G06-signed

This update for kernel-firmware-nvidia-gspx-G06, nvidia-open-driver-G06-signed fixes the following issues:

Update to 550.54.14

  • Added vGPU Host and vGPU Guest support. For vGPU Host, please refer to the README.vgpu packaged in the vGPU Host Package for more details.

Security issues fixed:

  • CVE-2024-0074: A user could trigger a NULL ptr dereference.
  • CVE-2024-0075: A user could overwrite the end of a buffer, leading to crashes or code execution.
  • CVE-2022-42265: A unprivileged user could trigger an integer overflow which could lead to crashes or code execution.

  • create /run/udev/static_node-tags/uaccess/nvidia${devid} symlinks also during modprobing the nvidia module; this changes the issue of not having access to /dev/nvidia${devid}, when gfxcard has been replaced by a different gfx card after installing the driver

  • provide nvidia-open-driver-G06-kmp (jsc#PED-7117)

    • this makes it easy to replace the package from nVidia's CUDA repository with this presigned package

Список пакетов

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS
kernel-firmware-nvidia-gspx-G06-550.54.14-150400.9.21.1
nvidia-open-driver-G06-signed-64kb-devel-550.54.14-150400.9.50.1
nvidia-open-driver-G06-signed-default-devel-550.54.14-150400.9.50.1
nvidia-open-driver-G06-signed-kmp-64kb-550.54.14_k5.14.21_150400.24.108-150400.9.50.1
nvidia-open-driver-G06-signed-kmp-default-550.54.14_k5.14.21_150400.24.108-150400.9.50.1
SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS
kernel-firmware-nvidia-gspx-G06-550.54.14-150400.9.21.1
nvidia-open-driver-G06-signed-64kb-devel-550.54.14-150400.9.50.1
nvidia-open-driver-G06-signed-default-devel-550.54.14-150400.9.50.1
nvidia-open-driver-G06-signed-kmp-64kb-550.54.14_k5.14.21_150400.24.108-150400.9.50.1
nvidia-open-driver-G06-signed-kmp-default-550.54.14_k5.14.21_150400.24.108-150400.9.50.1
SUSE Linux Enterprise Micro 5.3
kernel-firmware-nvidia-gspx-G06-550.54.14-150400.9.21.1
nvidia-open-driver-G06-signed-kmp-default-550.54.14_k5.14.21_150400.24.108-150400.9.50.1
SUSE Linux Enterprise Micro 5.4
kernel-firmware-nvidia-gspx-G06-550.54.14-150400.9.21.1
nvidia-open-driver-G06-signed-kmp-default-550.54.14_k5.14.21_150400.24.108-150400.9.50.1
SUSE Linux Enterprise Server 15 SP4-LTSS
kernel-firmware-nvidia-gspx-G06-550.54.14-150400.9.21.1
nvidia-open-driver-G06-signed-64kb-devel-550.54.14-150400.9.50.1
nvidia-open-driver-G06-signed-default-devel-550.54.14-150400.9.50.1
nvidia-open-driver-G06-signed-kmp-64kb-550.54.14_k5.14.21_150400.24.108-150400.9.50.1
nvidia-open-driver-G06-signed-kmp-default-550.54.14_k5.14.21_150400.24.108-150400.9.50.1
SUSE Linux Enterprise Server for SAP Applications 15 SP4
kernel-firmware-nvidia-gspx-G06-550.54.14-150400.9.21.1
nvidia-open-driver-G06-signed-default-devel-550.54.14-150400.9.50.1
nvidia-open-driver-G06-signed-kmp-default-550.54.14_k5.14.21_150400.24.108-150400.9.50.1
SUSE Manager Proxy 4.3
kernel-firmware-nvidia-gspx-G06-550.54.14-150400.9.21.1
nvidia-open-driver-G06-signed-default-devel-550.54.14-150400.9.50.1
nvidia-open-driver-G06-signed-kmp-default-550.54.14_k5.14.21_150400.24.108-150400.9.50.1
SUSE Manager Server 4.3
kernel-firmware-nvidia-gspx-G06-550.54.14-150400.9.21.1
nvidia-open-driver-G06-signed-default-devel-550.54.14-150400.9.50.1
nvidia-open-driver-G06-signed-kmp-default-550.54.14_k5.14.21_150400.24.108-150400.9.50.1

Ссылки

Описание

NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an integer overflow may lead to information disclosure or data tampering.

Затронутые продукты
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-firmware-nvidia-gspx-G06-550.54.14-150400.9.21.1
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-open-driver-G06-signed-64kb-devel-550.54.14-150400.9.50.1
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-open-driver-G06-signed-default-devel-550.54.14-150400.9.50.1
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-open-driver-G06-signed-kmp-64kb-550.54.14_k5.14.21_150400.24.108-150400.9.50.1
Ссылки

Описание

NVIDIA GPU Display Driver for Linux contains a vulnerability where an attacker may access a memory location after the end of the buffer. A successful exploit of this vulnerability may lead to denial of service and data tampering.

Затронутые продукты
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-firmware-nvidia-gspx-G06-550.54.14-150400.9.21.1
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-open-driver-G06-signed-64kb-devel-550.54.14-150400.9.50.1
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-open-driver-G06-signed-default-devel-550.54.14-150400.9.50.1
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-open-driver-G06-signed-kmp-64kb-550.54.14_k5.14.21_150400.24.108-150400.9.50.1
Ссылки

Описание

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where a user may cause a NULL-pointer dereference by accessing passed parameters the validity of which has not been checked. A successful exploit of this vulnerability may lead to denial of service and limited information disclosure.

Затронутые продукты
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kernel-firmware-nvidia-gspx-G06-550.54.14-150400.9.21.1
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-open-driver-G06-signed-64kb-devel-550.54.14-150400.9.50.1
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-open-driver-G06-signed-default-devel-550.54.14-150400.9.50.1
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nvidia-open-driver-G06-signed-kmp-64kb-550.54.14_k5.14.21_150400.24.108-150400.9.50.1
Ссылки
Уязвимость SUSE-SU-2024:0770-1