- Package:
- src:nvidia-open-gpu-kernel-modules
- Submitter:
- Andreas Beckmann
- Date:
- 2025-12-26 15:19:03 UTC
- Severity:
- normal
- Tags:
Source: nvidia-graphics-drivers Severity: serious Tags: security upstream X-Debbugs-Cc: Debian Security Team <team@security.debian.org> Control: clone -1 -2 -3 -4 -5 -6 -7 -8 -9 -10 -11 Control: reassign -2 src:nvidia-graphics-drivers-legacy-340xx 340.76-6 Control: retitle -2 nvidia-graphics-drivers-legacy-340xx: CVE-2025-23279, CVE-2025-23286 Control: tag -2 + wontfix Control: reassign -3 src:nvidia-graphics-drivers-legacy-390xx 390.48-4 Control: retitle -3 nvidia-graphics-drivers-legacy-390xx: CVE-2025-23279, CVE-2025-23286 Control: tag -3 + wontfix Control: reassign -4 src:nvidia-graphics-drivers-tesla-418 418.87.01-1 Control: retitle -4 nvidia-graphics-drivers-tesla-418: CVE-2025-23279, CVE-2025-23286 Control: tag -4 + wontfix Control: reassign -5 src:nvidia-graphics-drivers-tesla-450 450.51.05-1 Control: retitle -5 nvidia-graphics-drivers-tesla-450: CVE-2025-23279, CVE-2025-23286 Control: tag -5 + wontfix Control: close -5 450.248.02-4 Control: reassign -6 src:nvidia-graphics-drivers-tesla-460 460.32.03-1 Control: retitle -6 nvidia-graphics-drivers-tesla-460: CVE-2025-23279, CVE-2025-23286 Control: tag -6 + wontfix Control: close -6 460.106.00-3 Control: reassign -7 src:nvidia-graphics-drivers-tesla-470 470.57.02-1 Control: retitle -7 nvidia-graphics-drivers-tesla-470: CVE-2025-23279, CVE-2025-23286 Control: tag -7 + wontfix Control: reassign -8 src:nvidia-graphics-drivers-tesla 510.85.02-1 Control: retitle -8 nvidia-graphics-drivers-tesla: CVE-2025-23279, CVE-2025-23286 Control: found -8 515.48.07-1 Control: found -8 525.60.13-1 Control: tag -8 + wontfix Control: close -8 525.147.05-6 Control: reassign -9 src:nvidia-open-gpu-kernel-modules 515.43.04-1 Control: retitle -9 nvidia-open-gpu-kernel-modules: CVE-2025-23279, CVE-2025-23286 Control: found -9 520.56.06-1 Control: found -9 525.85.12-1 Control: found -9 530.30.02-1 Control: found -9 535.43.02-1 Control: found -9 545.23.06-1 Control: found -9 550.40.07-1 Control: found -9 555.42.02-1 Control: found -9 560.28.03-1 Control: found -9 565.57.01-1 Control: found -9 570.86.16-1 Control: found -9 575.51.02-1 Control: reassign -10 src:nvidia-graphics-drivers-tesla-535 535.216.01-1 Control: retitle -10 nvidia-graphics-drivers-tesla-535: CVE-2025-23279, CVE-2025-23286 Control: reassign -11 src:nvidia-graphics-drivers-tesla-550 550.54.15-1 Control: retitle -11 nvidia-graphics-drivers-tesla-550: CVE-2025-23279, CVE-2025-23286 Control: tag -11 + wontfix Control: found -1 340.24-1 Control: found -1 343.22-1 Control: found -1 396.18-1 Control: found -1 430.14-1 Control: found -1 455.23.04-1 Control: found -1 465.24.02-1 Control: found -1 495.44-1 Control: found -1 515.48.07-1 Control: found -1 520.56.06-1 Control: found -1 525.53-1 Control: found -1 530.30.02-1 Control: found -1 535.43.02-1 Control: found -1 545.23.06-1 Control: found -1 550.40.07-1 Control: found -1 555.42.02-1 Control: found -1 560.28.03-1 Control: found -1 565.57.01-1 Control: found -1 570.86.16-1 Control: found -1 575.51.02-1 https://nvidia.custhelp.com/app/answers/detail/a_id/5670 CVE‑2025‑23279 NVIDIA .run Installer for Linux and Solaris contains a vulnerability where an attacker could use a race condition to escalate privileges. A successful exploit of this vulnerability might lead to coqe execution, escalation of privileges, information disclosure, denial of service, or data tampering. CVE‑2025‑23286 NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where an attacker could read invalid memory. A successful exploit of this vulnerability might lead to information disclosure. Linux Driver Branch CVEs Addressed R570 CVE-2025-23279 R535 CVE-2025-23279, CVE-2025-23286 Driver Branch Affected Driver Versions Updated Driver Version R575 All driver version prior to 575.64.05 575.64.05 R570 All driver version prior to 570.172.08 570.172.08 R535 All driver versions prior to 535.261.03 535.261.03 Andreas
We believe that the bug you reported is fixed in the latest version of
nvidia-open-gpu-kernel-modules, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 1109915@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Andreas Beckmann <anbe@debian.org> (supplier of updated nvidia-open-gpu-kernel-modules package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
Format: 1.8
Date: Sun, 21 Dec 2025 00:05:31 +0100
Source: nvidia-open-gpu-kernel-modules
Architecture: source
Version: 535.261.03-1
Distribution: bookworm
Urgency: medium
Maintainer: Debian NVIDIA Maintainers <pkg-nvidia-devel@lists.alioth.debian.org>
Changed-By: Andreas Beckmann <anbe@debian.org>
Closes: 1109915
Changes:
nvidia-open-gpu-kernel-modules (535.261.03-1) bookworm; urgency=medium
.
* New upstream LTS and Tesla branch release 535.261.03 (2025-07-17).
* Fixed CVE-2025-23279, CVE-2025-23286. (Closes: #1109915)
https://nvidia.custhelp.com/app/answers/detail/a_id/5670
* Sync with src:nvidia-graphics-drivers.
* Upload to bookworm.
.
nvidia-open-gpu-kernel-modules (535.247.01-2) UNRELEASED; urgency=medium
.
* Backport page_pgmap and hmm_make_device_exclusive_range changes from
570.153.02 to fix open kernel module build for Linux 6.15.
* Sync with src:nvidia-graphics-drivers.
Checksums-Sha1:
8b022f3a96f4fd843112571b11db215c0c2c745e 2681 nvidia-open-gpu-kernel-modules_535.261.03-1.dsc
5a30d2cb6ba1c41bd348e11abd46f94ca1eb861d 12521372 nvidia-open-gpu-kernel-modules_535.261.03.orig.tar.xz
775b504fedee3e93faa786143a2ae2d543be7aee 30272 nvidia-open-gpu-kernel-modules_535.261.03-1.debian.tar.xz
56c10fc60c70b8c1256a440d9777e06be0ccc88b 6096 nvidia-open-gpu-kernel-modules_535.261.03-1_source.buildinfo
Checksums-Sha256:
5de1fdaa0d57529ebd24818fecfc1df4ef2e53b2b1a736debd6a2098625cf0e1 2681 nvidia-open-gpu-kernel-modules_535.261.03-1.dsc
14f64f53694d4a580ea68a561db02c2a8847790087a86f50fd2f40eac3eebb8f 12521372 nvidia-open-gpu-kernel-modules_535.261.03.orig.tar.xz
3a21bfbc11925c2a26528e6a0fc91168edfe74cbf466be12089ee922bc9617c2 30272 nvidia-open-gpu-kernel-modules_535.261.03-1.debian.tar.xz
542bf7a17476d9cf922df14bc1cee85e42e6834781f9fe629bf3645e3fceba9f 6096 nvidia-open-gpu-kernel-modules_535.261.03-1_source.buildinfo
Files:
fb647a6b788c48222d9f67c7e67f00b6 2681 contrib/kernel optional nvidia-open-gpu-kernel-modules_535.261.03-1.dsc
5e32dcdc7cf550d00e2af872104131dc 12521372 contrib/kernel optional nvidia-open-gpu-kernel-modules_535.261.03.orig.tar.xz
fa41eab23b2e72ddc5844322b3380d4f 30272 contrib/kernel optional nvidia-open-gpu-kernel-modules_535.261.03-1.debian.tar.xz
124bebfeebbc51fdf9e0371017800c2b 6096 contrib/kernel optional nvidia-open-gpu-kernel-modules_535.261.03-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJEBAEBCgAuFiEE6/MKMKjZxjvaRMaUX7M/k1np7QgFAmlHL4cQHGFuYmVAZGVi
aWFuLm9yZwAKCRBfsz+TWentCOAWD/0XMiq74hdLyv4gf0VoRkcuU23rz132o9tP
7xZk2i+y6Yi2NDJzVWyAkzxzJpZeLYZWdZTDCpGhlGZK3+mvYBiCdP216ga6+mfq
eESmVGV9bQTnyuBpGHbzDLCttou0uK9R4Wqb2yd3t8YQOWdHQ17dgxnKh8KLEuUX
ghD2YFC+vE8ntGOej0HXsvr4qYiY/UJc8xf6HXMpwpNK91YhX37wJyQKHu/DXxeQ
RD23hfUruySfoYEDLQIMfJosAJcpRy5GuRPHb4opJuCYdk7jTVxZuLBlbRZTbll/
oTTr5FaJC/UYV+otDSWXUY0n4TMIw/aoNO0EDx7TQtLsgNyWcPyDVHGabla9Ktl0
T41eT7rmOmTMzKMzmalU0MX5QMdG4BYsJrGuMpuhsQnZ3prJHbL2nF1c0s+F+Sj+
gs5GU6lPjQmSS/BgDobmXNRn5vWFdvBdKo8PhGns7rW9wExlrz2p3d8/DowjlvEo
8T3xHl2+m7Qe+qoMvrTfj4HK8fdJjojZ40IhwkCD9KYGZRNqWTtbOy0iGpuvbrWg
iXWep8eJQt8zDYZ2FzRORBTPLfNKbLZf/023cw3O91DaS4QeoBNVdfuRpKNJXCOp
xHO/QbDhryq0eRhYRwxp9gv9oFWGCBmwVC4Eje35h9tD/9bRGHSuyBTKZCJ6A9R6
7b76lVuQrw==
=3ST7
-----END PGP SIGNATURE-----