Fixed ebuilds are already in tree, just pending stabilization+cleanups for 0/470, 525, and 535 branches. For 0/545, the only affected 545.23.06 was a never-keyworded beta and has already been dropped from the tree (no stabilization to do there). As usual 0/390 and 0/vulkan branches are permanently masked with a warning about security, so not considering them for these bugs. CVE-2023-31022: NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a NULL-pointer dereference may lead to denial of service. (only one minor CVE this time around, all the others are Windows or vGPU-only).
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=dd27bd819d04e1f0f01652687f6f993ef44f0362 commit dd27bd819d04e1f0f01652687f6f993ef44f0362 Author: Ionen Wolkens <ionen@gentoo.org> AuthorDate: 2023-11-13 03:35:48 +0000 Commit: Ionen Wolkens <ionen@gentoo.org> CommitDate: 2023-11-13 03:38:59 +0000 x11-drivers/nvidia-drivers: drop 470.199.02, 525.125.06, 535.113.01 These are vulnerable versions wrt bug #916583 (all clear) Bug: https://bugs.gentoo.org/916583 Signed-off-by: Ionen Wolkens <ionen@gentoo.org> x11-drivers/nvidia-drivers/Manifest | 22 - .../nvidia-drivers-470.199.02.ebuild | 451 ------------------ .../nvidia-drivers-525.125.06.ebuild | 508 -------------------- .../nvidia-drivers-535.113.01.ebuild | 512 --------------------- 4 files changed, 1493 deletions(-) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c5e6711d37880d03d6c35a70da2f26b87a76b9e0 commit c5e6711d37880d03d6c35a70da2f26b87a76b9e0 Author: Ionen Wolkens <ionen@gentoo.org> AuthorDate: 2023-11-13 03:34:49 +0000 Commit: Ionen Wolkens <ionen@gentoo.org> CommitDate: 2023-11-13 03:34:49 +0000 x11-drivers/nvidia-drivers: stabilize 535.129.03 for amd64 Bug: https://bugs.gentoo.org/916583 Signed-off-by: Ionen Wolkens <ionen@gentoo.org> x11-drivers/nvidia-drivers/nvidia-drivers-535.129.03.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8b8b9aa04711f68de0ec82e01dff769cd1e1c48e commit 8b8b9aa04711f68de0ec82e01dff769cd1e1c48e Author: Ionen Wolkens <ionen@gentoo.org> AuthorDate: 2023-11-13 03:34:31 +0000 Commit: Ionen Wolkens <ionen@gentoo.org> CommitDate: 2023-11-13 03:34:31 +0000 x11-drivers/nvidia-drivers: stabilize 525.147.05 for amd64 Bug: https://bugs.gentoo.org/916583 Signed-off-by: Ionen Wolkens <ionen@gentoo.org> x11-drivers/nvidia-drivers/nvidia-drivers-525.147.05.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d2a23a4e826eba648c1417572ac971544f3ccbcf commit d2a23a4e826eba648c1417572ac971544f3ccbcf Author: Ionen Wolkens <ionen@gentoo.org> AuthorDate: 2023-11-13 03:34:08 +0000 Commit: Ionen Wolkens <ionen@gentoo.org> CommitDate: 2023-11-13 03:34:08 +0000 x11-drivers/nvidia-drivers: stabilize 470.223.02 for amd64 Bug: https://bugs.gentoo.org/916583 Signed-off-by: Ionen Wolkens <ionen@gentoo.org> x11-drivers/nvidia-drivers/nvidia-drivers-470.223.02.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
(cleanup was already done in comment #1 too)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=e4bef128967002fe82fb7790fd5e0711e34989ea commit e4bef128967002fe82fb7790fd5e0711e34989ea Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2024-05-08 10:58:20 +0000 Commit: Hans de Graaff <graaff@gentoo.org> CommitDate: 2024-05-08 10:58:43 +0000 [ GLSA 202405-28 ] NVIDIA Drivers: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/909226 Bug: https://bugs.gentoo.org/916583 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Hans de Graaff <graaff@gentoo.org> glsa-202405-28.xml | 63 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 63 insertions(+)
