File _patchinfo of Package patchinfo.40055
<patchinfo incident="40055">
<issue tracker="cve" id="2025-23283"/>
<issue tracker="cve" id="2025-23279"/>
<issue tracker="cve" id="2025-23277"/>
<issue tracker="cve" id="2025-23286"/>
<issue tracker="cve" id="2025-23278"/>
<issue tracker="bnc" id="1236746">X11:Drivers:Video:Redesign/nvidia-open-driver-G06-signed fails against openSUSE_Factory</issue>
<issue tracker="bnc" id="1247528">VUL-0: CVE-2025-23277: kernel-firmware-nvidia-gsp-G06,kernel-firmware-nvidia-gspx-G06,nvidia-open-driver-G06-signed: NVIDIA Display Driver for Linux and Windows contains a vulnerability in the kernel mode driver, where an attacker could access memory ...</issue>
<issue tracker="bnc" id="1247530">VUL-0: CVE-2025-23286: kernel-firmware-nvidia-gsp-G06,kernel-firmware-nvidia-gspx-G06,nvidia-open-driver-G06-signed: NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where an attacker could read invalid memory. A successful ex ...</issue>
<issue tracker="bnc" id="1247531">VUL-0: CVE-2025-23283: kernel-firmware-nvidia-gsp-G06,kernel-firmware-nvidia-gspx-G06,nvidia-open-driver-G06-signed: NVIDIA vGPU software for Linux-style hypervisors contains a vulnerability in the Virtual GPU Manager, where a malicious guest could c ...</issue>
<issue tracker="bnc" id="1247532">VUL-0: CVE-2025-23279: kernel-firmware-nvidia-gsp-G06,kernel-firmware-nvidia-gspx-G06,nvidia-open-driver-G06-signed: NVIDIA .run Installer for Linux and Solaris contains a vulnerability where an attacker could use a race condition to escalate privile ...</issue>
<issue tracker="bnc" id="1246327">Update nvidia driver to version 570.172.08</issue>
<issue tracker="bnc" id="1242054">[SUSE:SLFO:Main] nvidia-open-driver-G06-signed{,:cuda} fail to build on x86_64 and aarch64</issue>
<issue tracker="bnc" id="1237585">Update nvidia driver to 570.124.04</issue>
<issue tracker="bnc" id="1236658">Update nvidia driver to latest 570.86.16 release</issue>
<issue tracker="bnc" id="1239653">Update nvidia driver to version 570.133.07</issue>
<issue tracker="bnc" id="1244614">Update nvidia driver to version 570.169</issue>
<issue tracker="bnc" id="1236191">[NVIDIA,GFX,CUDA] Multiple conflicting NVIDIA Driver Flavours</issue>
<issue tracker="bnc" id="1246010">Move autoselection of NVIDIA's open driver from the KMP itself to gfx repository</issue>
<issue tracker="bnc" id="1239139">Kernel-firmware-nvidia-gspx-G06-cuda package is blank since v. 565.57.01</issue>
<issue tracker="bnc" id="1237308">nvidia-open-driver-G06-signed KMP: broken ksym requires and missing hardware Supplements</issue>
<issue tracker="bnc" id="1243192">Update nvidia driver to version 570.153.02</issue>
<issue tracker="bnc" id="1241231">Update nvidia driver to version 570.144</issue>
<issue tracker="bnc" id="1247529">VUL-0: CVE-2025-23278: kernel-firmware-nvidia-gsp-G06,kernel-firmware-nvidia-gspx-G06,nvidia-open-driver-G06-signed: NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker might cause an improper index validation by is ...</issue>
<packager>sndirsch</packager>
<rating>important</rating>
<category>security</category>
<summary>Security update for nvidia-open-driver-G06-signed</summary>
<description>This update for nvidia-open-driver-G06-signed fixes the following issues:
Updated CUDA variant to 580.65.06:
- CVE-2025-23277: Fixed access memory outside bounds permitted under normal
use cases in NVIDIA Display Driver (bsc#1247528)
- CVE-2025-23278: Fixed improper index validation by issuing a call with
crafted parameters in NVIDIA Display Driver (bsc#1247529)
- CVE-2025-23286: Fixed invalid memory read in NVIDIA GPU Display Driver (bsc#1247530)
- CVE-2025-23283: Fixed stack buffer overflow triggerable by a malicious guest
in Virtual GPU Manager in NVIDIA vGPU software (bsc#1247531)
- CVE-2025-23279: Fixed race condition that lead to privileges escalations
in NVIDIA .run Installer (bsc#1247532)
Updated non-CUDA variant to 570.172.08 (bsc#1246327)
</description>
</patchinfo>
