#1085976 nvidia-open-gpu-kernel-modules: CVE-2024-0126

Package:
src:nvidia-open-gpu-kernel-modules
Source:
src:nvidia-open-gpu-kernel-modules
Submitter:
Andreas Beckmann
Date:
2025-07-30 10:59:02 UTC
Severity:
normal
Tags:
#1085976#5
Date:
2024-10-24 07:13:49 UTC
From:
To:
Source: nvidia-graphics-drivers
Severity: serious
Tags: security upstream
X-Debbugs-Cc: Debian Security Team <team@security.debian.org>
Control: clone -1 -2 -3 -4 -5 -6 -7 -8 -9
Control: reassign -2 src:nvidia-graphics-drivers-legacy-340xx 340.76-6
Control: retitle -2 nvidia-graphics-drivers-legacy-340xx: CVE-2024-0126
Control: tag -2 + wontfix
Control: reassign -3 src:nvidia-graphics-drivers-legacy-390xx 390.48-4
Control: retitle -3 nvidia-graphics-drivers-legacy-390xx: CVE-2024-0126
Control: tag -3 + wontfix
Control: reassign -4 src:nvidia-graphics-drivers-tesla-418 418.87.01-1
Control: retitle -4 nvidia-graphics-drivers-tesla-418: CVE-2024-0126
Control: tag -4 + wontfix
Control: reassign -5 src:nvidia-graphics-drivers-tesla-450 450.51.05-1
Control: retitle -5 nvidia-graphics-drivers-tesla-450: CVE-2024-0126
Control: tag -5 + wontfix
Control: close -5 450.248.02-4
Control: reassign -6 src:nvidia-graphics-drivers-tesla-460 460.32.03-1
Control: retitle -6 nvidia-graphics-drivers-tesla-460: CVE-2024-0126
Control: tag -6 + wontfix
Control: close -6 460.106.00-3
Control: reassign -7 src:nvidia-graphics-drivers-tesla-470 470.57.02-1
Control: retitle -7 nvidia-graphics-drivers-tesla-470: CVE-2024-0126
Control: tag -7 + wontfix
Control: severity -7 + important
Control: reassign -8 src:nvidia-graphics-drivers-tesla 510.85.02-1
Control: retitle -8 nvidia-graphics-drivers-tesla: CVE-2024-0126
Control: found -8 515.48.07-1
Control: found -8 525.60.13-1
Control: tag -8 + wontfix
Control: close -8 525.147.05-6
Control: reassign -9 src:nvidia-open-gpu-kernel-modules 515.43.04-1
Control: retitle -9 nvidia-open-gpu-kernel-modules: CVE-2024-0126
Control: found -9 520.56.06-1
Control: found -9 525.85.12-1
Control: found -9 530.30.02-1
Control: found -9 535.43.02-1
Control: found -9 545.23.06-1
Control: found -9 550.40.07-1
Control: found -9 555.42.02-1
Control: found -9 560.28.03-1
Control: found -9 565.57.01-1
Control: found -1 340.24-1
Control: found -1 343.22-1
Control: found -1 396.18-1
Control: found -1 430.14-1
Control: found -1 455.23.04-1
Control: found -1 465.24.02-1
Control: found -1 495.44-1
Control: found -1 515.48.07-1
Control: found -1 520.56.06-1
Control: found -1 525.53-1
Control: found -1 530.30.02-1
Control: found -1 535.43.02-1
Control: found -1 545.23.06-1
Control: found -1 550.40.07-1
Control: found -1 555.42.02-1
Control: found -1 560.28.03-1
Control: found -1 565.57.01-1

https://nvidia.custhelp.com/app/answers/detail/a_id/5586

CVE-2024-0126 	NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability which could allow a privileged attacker to escalate
permissions. A successful exploit of this vulnerability might lead to
code execution, denial of service, escalation of privileges, information
disclosure, and data tampering.

Linux Driver Branch 	CVEs Addressed
R565, R550, R535 	CVE-2024-0126

Driver Branch 	Affected Driver Versions 			Updated Driver Version
R565 		All driver versions prior to 565.57.01 		565.57.01
R550 		All driver versions prior to 550.127.05 	550.127.05
R535 		All driver versions prior to 535.216.01 	535.216.01


Andreas
#1085976#36
Date:
2024-11-13 20:37:27 UTC
From:
To:
We believe that the bug you reported is fixed in the latest version of
nvidia-open-gpu-kernel-modules, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1085976@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Andreas Beckmann <anbe@debian.org> (supplier of updated nvidia-open-gpu-kernel-modules package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
Format: 1.8
Date: Wed, 13 Nov 2024 20:39:29 +0100
Source: nvidia-open-gpu-kernel-modules
Architecture: source
Version: 535.216.01-1
Distribution: unstable
Urgency: medium
Maintainer: Debian NVIDIA Maintainers <pkg-nvidia-devel@lists.alioth.debian.org>
Changed-By: Andreas Beckmann <anbe@debian.org>
Closes: 1085976
Changes:
 nvidia-open-gpu-kernel-modules (535.216.01-1) unstable; urgency=medium
 .
   * New upstream LTS and Tesla branch release 535.216.01 (2024-10-22).
     * Fixed CVE-2024-0126.  (Closes: #1085976)
https://nvidia.custhelp.com/app/answers/detail/a_id/5586
   * Sync with src:nvidia-graphics-drivers.
Checksums-Sha1:
 04c1104386563ef9a987beb78868513db384d3e2 2681 nvidia-open-gpu-kernel-modules_535.216.01-1.dsc
 3d3b40fae3c0c6467bad2268455debf98cbdd975 12517044 nvidia-open-gpu-kernel-modules_535.216.01.orig.tar.xz
 2ccb981bfa0fad5425771554d154357fd90ad305 22772 nvidia-open-gpu-kernel-modules_535.216.01-1.debian.tar.xz
 c924f60195f3ca6ca008cb2af4c4b1ef71126654 5626 nvidia-open-gpu-kernel-modules_535.216.01-1_source.buildinfo
Checksums-Sha256:
 dd9390cd34e0100b9650fad68ce35a536d27cec29c7cf803b0fbceff99e3e13b 2681 nvidia-open-gpu-kernel-modules_535.216.01-1.dsc
 48e7be5d14ad6c9f5fcd52d1e928b257b7182a51b123498de9bafddd7889fc82 12517044 nvidia-open-gpu-kernel-modules_535.216.01.orig.tar.xz
 3e6fab7b9a4e8196025ad13357bd22cc368d82288e246df2a95f4d492759deac 22772 nvidia-open-gpu-kernel-modules_535.216.01-1.debian.tar.xz
 de1c41571b7a87afd0cf50f079c0935077a4cf20ef9ab8169618a024915084f0 5626 nvidia-open-gpu-kernel-modules_535.216.01-1_source.buildinfo
Files:
 841af1a8f6221b0cfbe276ccc57ce3cb 2681 contrib/kernel optional nvidia-open-gpu-kernel-modules_535.216.01-1.dsc
 0b8145ff93000c07a2d33ca42cacc21e 12517044 contrib/kernel optional nvidia-open-gpu-kernel-modules_535.216.01.orig.tar.xz
 5c90d2ac09d992ff09215a55688296bc 22772 contrib/kernel optional nvidia-open-gpu-kernel-modules_535.216.01-1.debian.tar.xz
 c3b97293c70e8823babcc3c2ff0dceb6 5626 contrib/kernel optional nvidia-open-gpu-kernel-modules_535.216.01-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----

iQJEBAEBCAAuFiEE6/MKMKjZxjvaRMaUX7M/k1np7QgFAmc1Ac0QHGFuYmVAZGVi
aWFuLm9yZwAKCRBfsz+TWentCK+AEACDgCHEcVD3+utNGGJ2w3j391RTKQHHuCTt
qGjgxXxpN8Zb+VRcNxQwmTgwiSxg8KusZVScYfvFarpGBWKh08j1/EAzGoEqqVft
FxEY2+dtSf4mHad7R92w1SR9tPJwqNOrhUKX66F9ZldubWM3ljambWrpNOuIsbwH
jjrX4tJ4fH3QnVwXFRELKOiYEOgMRQMohx4ZeHn2vPGZVyO+400POVSLaE+87Kvu
N3wJ6I4JLoPLFNNUJwcwn8Fx67xNK/AwcmzQvdIO9DVma+sqFaxXM3IQ1yyeVCo6
Da+haaAZYtBLb7UmpaZw+2qsEN1gJpVkO9er2gwC2QrMEsqiiFTLF5uOkUJo4I+q
o0yCAyKrB9YTJkSiqLPM7xwVgRNrEtb6sRIcqgSiBRb39Nr3qV5/LhKHBz9O3r5O
5lk67igrwO6I1d7fJaOYqusTuuRa7wjnZgwAo2dVw+lTc4bAoWScuDA8eKGxQMR6
XPgJOHuAKwohAg6THUBLAQrvm09lP2ZufYwGIwf/sms0U+QsDWWk+0nsXIZ6aSmt
e4QbnEkAQC52/PXQZt+KrUoxbwGhvNzfWHWwgWY4n0UO3VN/hz0uCKi+FzrjNtdN
vAiPXEDUuiB48jlHtf4njOFMiKKh2WkG/x/BybEzY8ahnjM03wRBZjv4O2d6/sKN
waJXwbT+8A==
=XvRx
-----END PGP SIGNATURE-----
#1085976#41
Date:
2024-11-25 17:02:44 UTC
From:
To:
We believe that the bug you reported is fixed in the latest version of
nvidia-open-gpu-kernel-modules, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1085976@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Andreas Beckmann <anbe@debian.org> (supplier of updated nvidia-open-gpu-kernel-modules package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
Format: 1.8
Date: Wed, 20 Nov 2024 10:22:33 +0100
Source: nvidia-open-gpu-kernel-modules
Architecture: source
Version: 535.216.01-1~deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: Debian NVIDIA Maintainers <pkg-nvidia-devel@lists.alioth.debian.org>
Changed-By: Andreas Beckmann <anbe@debian.org>
Closes: 1085976
Changes:
 nvidia-open-gpu-kernel-modules (535.216.01-1~deb12u1) bookworm; urgency=medium
 .
   * Rebuild for bookworm.
 .
 nvidia-open-gpu-kernel-modules (535.216.01-1) unstable; urgency=medium
 .
   * New upstream LTS and Tesla branch release 535.216.01 (2024-10-22).
     * Fixed CVE-2024-0126.  (Closes: #1085976)
https://nvidia.custhelp.com/app/answers/detail/a_id/5586
   * Sync with src:nvidia-graphics-drivers.
 .
 nvidia-open-gpu-kernel-modules (535.183.06-2) unstable; urgency=medium
 .
   * Sync with src:nvidia-graphics-drivers.
 .
 nvidia-open-gpu-kernel-modules (535.183.06-1) unstable; urgency=medium
 .
   * New upstream Tesla branch release 535.183.06 (2024-07-09).
   * Sync with src:nvidia-graphics-drivers.
   * Refresh patches.
   * Bump Standards-Version to 4.7.0. No changes needed.
Checksums-Sha1:
 80b21c7fde208fd7a548dc83939945a45de1972a 2713 nvidia-open-gpu-kernel-modules_535.216.01-1~deb12u1.dsc
 f279978de98d172a50c223ed6862610a127771fd 22788 nvidia-open-gpu-kernel-modules_535.216.01-1~deb12u1.debian.tar.xz
 88c1428dfd22a644349aab5c0868d7db3d90e53a 5959 nvidia-open-gpu-kernel-modules_535.216.01-1~deb12u1_source.buildinfo
Checksums-Sha256:
 03c18bd252cae6838b6939090ab829b989d5758dac5f408649cc57c54242a29a 2713 nvidia-open-gpu-kernel-modules_535.216.01-1~deb12u1.dsc
 cccccd81c01d6d678800be4b7b49c221ce22d0bebf45cbd39bec9fef2dca24c1 22788 nvidia-open-gpu-kernel-modules_535.216.01-1~deb12u1.debian.tar.xz
 290f0af8b51dd35874bf79650ee7b54dce4becd7a94873c209234eff49c3db3a 5959 nvidia-open-gpu-kernel-modules_535.216.01-1~deb12u1_source.buildinfo
Files:
 ee96465aa2549d1c15c684f4dd390ee8 2713 contrib/kernel optional nvidia-open-gpu-kernel-modules_535.216.01-1~deb12u1.dsc
 1a5ea4ee2a847f6b6efef7dfac3be02e 22788 contrib/kernel optional nvidia-open-gpu-kernel-modules_535.216.01-1~deb12u1.debian.tar.xz
 270e9b823bb97f53bbebd36d8ed484f4 5959 contrib/kernel optional nvidia-open-gpu-kernel-modules_535.216.01-1~deb12u1_source.buildinfo
-----BEGIN PGP SIGNATURE-----

iQJEBAEBCAAuFiEE6/MKMKjZxjvaRMaUX7M/k1np7QgFAmc9q2UQHGFuYmVAZGVi
aWFuLm9yZwAKCRBfsz+TWentCNegD/9Dcxb4j+1CInDWvokxOUGqYW05R31evzbv
r13sADdhaaIGkqKx4y7c7AqUWfxzfPZPPyJDo4+65K2JfCLZr2jroxWcutcCg/Sl
1i2DDKP73m8Dz16vSiox8buMmzZMZbTHI67YBdawMuAgR35O0trWeXCPcwAfVy6q
madfRAlYpo0pNC/V7KFJnM8OJNKC/K0IlxG5k3UOdWMkaLcUJZuu6TW7qEyVWker
FEVayI9X28SLPotz9ZtuA6ua81nvWI1Fsh9MjJDl6CNXm34Vst9OWIfjGCvNhrWJ
J+foaaBnEygsIuJAiHFMx+Pcrv/A0lrIKponpPIRsMibmcKlzwkpdwuZmu+RQYzD
LGKGJ9AVADpLsFRPtZfVUrdVG08Sh50PvjiHwuxUO0YgmpoYw9cApQ3DRlwffnLt
4HUM8U4poAMDduCDx5Us0PKWTsiHFQJhFDngcdrARFKeI732J1hs4p/MzXOqEpPv
H7LPbHNVq1L9IjN0bxOz/l8Ypuuli63OFftbVScoLIbrXBbxugQAlV78VdI1mdps
60b47s/vU6Mq719yayNkwQMy8TuYSor2QUVwAGUWqlLzDuvWGPZC+aKGAPlAFn8I
5imoF1cXWXRyuMkqB961mu5afhVvmrZHjeI583DBWLmG1V+R9nT9sHwzCyluHJPu
nMY6J/umBQ==
=jcI9
-----END PGP SIGNATURE-----
#1085976#46
Date:
2025-05-18 17:35:43 UTC
From:
To:
We believe that the bug you reported is fixed in the latest version of
nvidia-open-gpu-kernel-modules, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1085976@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Andreas Beckmann <anbe@debian.org> (supplier of updated nvidia-open-gpu-kernel-modules package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
Format: 1.8
Date: Sun, 18 May 2025 19:06:54 +0200
Source: nvidia-open-gpu-kernel-modules
Architecture: source
Version: 550.127.05-1
Distribution: experimental
Urgency: medium
Maintainer: Debian NVIDIA Maintainers <pkg-nvidia-devel@lists.alioth.debian.org>
Changed-By: Andreas Beckmann <anbe@debian.org>
Closes: 1085976
Changes:
 nvidia-open-gpu-kernel-modules (550.127.05-1) experimental; urgency=medium
 .
   * New upstream production and Tesla branch release 550.127.05 (2024-10-22).
     * Fixed CVE-2024-0126.  (Closes: #1085976)
https://nvidia.custhelp.com/app/answers/detail/a_id/5586
   * New upstream production branch release 550.120 (2024-09-19).
   * Sync with src:nvidia-graphics-drivers.
Checksums-Sha1:
 73ff6ee58b570aa188aa2c63faf1bc50d00e9199 2681 nvidia-open-gpu-kernel-modules_550.127.05-1.dsc
 41624210f14ef1d4e5e79272dcf12d7787cd7a75 13539504 nvidia-open-gpu-kernel-modules_550.127.05.orig.tar.xz
 156a597822517d6bd06e2599caac5ea108bf733f 34680 nvidia-open-gpu-kernel-modules_550.127.05-1.debian.tar.xz
 1172a7aee76835495a732fcf0e8d18925a1b9360 5538 nvidia-open-gpu-kernel-modules_550.127.05-1_source.buildinfo
Checksums-Sha256:
 68ca556f4d38d9ccb7fc23c988fee36f39bb9e3467c2e1bb88eb210c0093edae 2681 nvidia-open-gpu-kernel-modules_550.127.05-1.dsc
 f8e24f04c8a51007bb443ee5cb595a99281ad217515c3cec6b7b69f271d0592d 13539504 nvidia-open-gpu-kernel-modules_550.127.05.orig.tar.xz
 f171eacf83ef11dfeaffa47072d906e02817ab81dc79aac0a27ec98fd686aee6 34680 nvidia-open-gpu-kernel-modules_550.127.05-1.debian.tar.xz
 268d88a029b0884f1f5dfc83bba134bdb1a8b758b9e10a83b3fd58e6af31b925 5538 nvidia-open-gpu-kernel-modules_550.127.05-1_source.buildinfo
Files:
 d653a8c2ebb0e9dda13103c69df22309 2681 contrib/kernel optional nvidia-open-gpu-kernel-modules_550.127.05-1.dsc
 96204e666e9e637c6209c2fb5ab056cc 13539504 contrib/kernel optional nvidia-open-gpu-kernel-modules_550.127.05.orig.tar.xz
 6252b321c1ec9997fc7277305db8b083 34680 contrib/kernel optional nvidia-open-gpu-kernel-modules_550.127.05-1.debian.tar.xz
 65582734eaf7560d4cf7736e117686ed 5538 contrib/kernel optional nvidia-open-gpu-kernel-modules_550.127.05-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----

iQJEBAEBCAAuFiEE6/MKMKjZxjvaRMaUX7M/k1np7QgFAmgqFUkQHGFuYmVAZGVi
aWFuLm9yZwAKCRBfsz+TWentCA2qD/9OHYLukSNdRft0LfzD5d5QOsqsG2yNZLzv
nFUOYjLbtIVoVyxl8V0Wa7Vm37bt+NaEKmtRyv4M+Lx647HzQXepbKu9730od18t
hXoWNBOqh1QYBVMsepIYI69wP3KfdCRF9FOpSFE8CU6KAiVIVMF3YlirXHxszurs
yZkYqqLtx2W0NggwSCyHo8LxRp44pfAA0tF34qMBoOtTDFka9RKmykb20MpOEo3h
4s2wvO6Jdi9UGn8TB2y7ZxrIHO7ewV75l/UFZDVj7o8CKZHlGPr9dh907XBxSReV
bhy9VCs3JiSPdvQ4NTnRhmaVPqmo2/wIK13YxAiadg056p5Hlt7B33aIW95Z73wN
hog2lPE7jmccZuNWWUyG8VbZN0j+HAzCwe9bLVUY3SQQlGfIPu8pKXBER5hF5ncH
cHKKMUOM1teZG7bHO0/TO6aF/SzbII6ilgRYIYbOH0MNmAalbRC5GAv+i2ft7Gkt
qdhlWdVmTgZ4NdGN7FODM73BhQkVSMA6GhlqkGrpU62KEfwut246PRAD9kX8N4To
aS6ERQcDRGUT6+LQtnL9ktSWbsXTQB0XZx/dl4He1LTZO6kkVeYGzIQsEyxLTYuK
ztPtK6DYd3m973yZDIS/134OTzHnPEqaR7ztucnJVQuGxx5WHzZmuJoWPKuYcJdy
nBydmSc7uA==
=bCda
-----END PGP SIGNATURE-----