Описание
Security update for kernel-firmware-nvidia-gspx-G06
This update for kernel-firmware-nvidia-gspx-G06 fixes the following issues:
Update to version 555.42.06 for CUDA.
Security Update 550.90.07:
- CVE-2024-0090: Fixed out of bounds write (bsc#1223356).
- CVE-2024-0092: Fixed incorrect exception handling (bsc#1223356).
- CVE-2024-0091: Fixed untrusted pointer dereference (bsc#1223356).
Changes in kernel-firmware-nvidia-gspx-G06:
-
Update to 550.100 (bsc#1227575)
-
Add a second flavor to be used by the kernel module versions used by CUDA. The firmware targetting CUDA contains '-cuda' in its name to track its versions separately from the graphics firmware. (bsc#1227417)
Changes in nvidia-open-driver-G06-signed:
-
Update to 550.100 (bsc#1227575)
- Fixed a bug that caused OpenGL triple buffering to behave like double buffering.
-
To avoid issues with missing dependencies when no CUDA repo is present make the dependecy to nvidia-compute-G06 conditional.
-
CUDA is not available for Tumbleweed, exclude the build of the cuda flavor.
-
preamble: let the -cuda flavor KMP require the -cuda flavor firmware
-
Add a second flavor for building the kernel module versions used by CUDA. The kmp targetting CUDA contains '-cuda' in its name to track its versions separately from the graphics kmp. (bsc#1227417)
-
Provide the meta package nv-prefer-signed-open-driver to make sure the latest available SUSE-build open driver is installed - independent of the latest available open driver version in he CUDA repository. Rationale: The package cuda-runtime provides the link between CUDA and the kernel driver version through a Requires: cuda-drivers >= %version This implies that a CUDA version will run withany kernel driver version equal or higher than a base version. nvidia-compute-G06 provides the glue layer between CUDA and a specific version of he kernel driver both by providing a set of base libraries and by requiring a specific kernel version. 'cuda-drivers' (provided by nvidia-compute-utils-G06) requires an unversioned nvidia-compute-G06. With this, the resolver will install the latest available and applicable nvidia-compute-G06. nv-prefer-signed-open-driver then represents the latest available open driver version and restricts the nvidia-compute-G06 version to it. (bsc#1227419)
Список пакетов
SUSE Linux Enterprise Module for Basesystem 15 SP6
SUSE Linux Enterprise Module for Public Cloud 15 SP6
openSUSE Leap 15.6
Ссылки
- Link for SUSE-SU-2024:2585-1
- E-Mail link for SUSE-SU-2024:2585-1
- SUSE Security Ratings
- SUSE Bug 1223356
- SUSE Bug 1223454
- SUSE Bug 1227417
- SUSE Bug 1227419
- SUSE Bug 1227575
- SUSE CVE CVE-2024-0090 page
- SUSE CVE CVE-2024-0091 page
- SUSE CVE CVE-2024-0092 page
Описание
NVIDIA GPU driver for Windows and Linux contains a vulnerability where a user can cause an out-of-bounds write. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
Затронутые продукты
Ссылки
- CVE-2024-0090
- SUSE Bug 1223356
Описание
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where a user can cause an untrusted pointer dereference by executing a driver API. A successful exploit of this vulnerability might lead to denial of service, information disclosure, and data tampering.
Затронутые продукты
Ссылки
- CVE-2024-0091
- SUSE Bug 1223356
Описание
NVIDIA GPU Driver for Windows and Linux contains a vulnerability where an improper check or improper handling of exception conditions might lead to denial of service.
Затронутые продукты
Ссылки
- CVE-2024-0092
- SUSE Bug 1223356