openSUSE Local Security Checks : openSUSE Security Advisory (SUSE-SU-2024:0772-1)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 145615 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.1.18.2.2024.0772.1

Kategorie: openSUSE Local Security Checks

Titel: openSUSE Security Advisory (SUSE-SU-2024:0772-1)

Zusammenfassung: The remote host is missing an update for the 'kernel-firmware-nvidia-gspx-G06, nvidia-open-driver-G06-signed' package(s) announced via the SUSE-SU-2024:0772-1 advisory.

Beschreibung: Summary:
The remote host is missing an update for the 'kernel-firmware-nvidia-gspx-G06, nvidia-open-driver-G06-signed' package(s) announced via the SUSE-SU-2024:0772-1 advisory.

Vulnerability Insight:
This update for kernel-firmware-nvidia-gspx-G06, nvidia-open-driver-G06-signed fixes the following issues:

Update to 550.54.14:

* Added vGPU Host and vGPU Guest support. For vGPU Host, please
refer to the README.vgpu packaged in the vGPU Host Package for
more details.
Security issues fixed:

* CVE-2024-0074: A user could trigger a NULL ptr dereference.
* CVE-2024-0075: A user could overwrite the end of a buffer, leading to crashes or code execution.
* CVE-2022-42265: A unprivileged user could trigger an integer overflow which could lead to crashes or code execution.

- create /run/udev/static_node-tags/uaccess/nvidia${devid} symlinks
also during modprobing the nvidia module, this changes the issue
of not having access to /dev/nvidia${devid}, when gfxcard has
been replaced by a different gfx card after installing the driver
- provide nvidia-open-driver-G06-kmp (jsc#PED-7117)

This makes it easy to replace the package from nVidia's
CUDA repository with this presigned package

Affected Software/OS:
'kernel-firmware-nvidia-gspx-G06, nvidia-open-driver-G06-signed' package(s) on openSUSE Leap 15.5.

Solution:
Please install the updated package(s).

CVSS Score:
6.2

CVSS Vector:
AV:L/AC:L/Au:S/C:C/I:C/A:N

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2022-42265
https://security.gentoo.org/glsa/202310-02
https://nvidia.custhelp.com/app/answers/detail/a_id/5415
Common Vulnerability Exposure (CVE) ID: CVE-2024-0074
https://nvidia.custhelp.com/app/answers/detail/a_id/5520
Common Vulnerability Exposure (CVE) ID: CVE-2024-0075

Copyright Copyright (C) 2025 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.1.18.2.2024.0772.1
Kategorie:	openSUSE Local Security Checks
Titel:	openSUSE Security Advisory (SUSE-SU-2024:0772-1)
Zusammenfassung:	The remote host is missing an update for the 'kernel-firmware-nvidia-gspx-G06, nvidia-open-driver-G06-signed' package(s) announced via the SUSE-SU-2024:0772-1 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'kernel-firmware-nvidia-gspx-G06, nvidia-open-driver-G06-signed' package(s) announced via the SUSE-SU-2024:0772-1 advisory. Vulnerability Insight: This update for kernel-firmware-nvidia-gspx-G06, nvidia-open-driver-G06-signed fixes the following issues: Update to 550.54.14: * Added vGPU Host and vGPU Guest support. For vGPU Host, please refer to the README.vgpu packaged in the vGPU Host Package for more details. Security issues fixed: * CVE-2024-0074: A user could trigger a NULL ptr dereference. * CVE-2024-0075: A user could overwrite the end of a buffer, leading to crashes or code execution. * CVE-2022-42265: A unprivileged user could trigger an integer overflow which could lead to crashes or code execution. - create /run/udev/static_node-tags/uaccess/nvidia${devid} symlinks also during modprobing the nvidia module, this changes the issue of not having access to /dev/nvidia${devid}, when gfxcard has been replaced by a different gfx card after installing the driver - provide nvidia-open-driver-G06-kmp (jsc#PED-7117) This makes it easy to replace the package from nVidia's CUDA repository with this presigned package Affected Software/OS: 'kernel-firmware-nvidia-gspx-G06, nvidia-open-driver-G06-signed' package(s) on openSUSE Leap 15.5. Solution: Please install the updated package(s). CVSS Score: 6.2 CVSS Vector: AV:L/AC:L/Au:S/C:C/I:C/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2022-42265 https://security.gentoo.org/glsa/202310-02 https://nvidia.custhelp.com/app/answers/detail/a_id/5415 Common Vulnerability Exposure (CVE) ID: CVE-2024-0074 https://nvidia.custhelp.com/app/answers/detail/a_id/5520 Common Vulnerability Exposure (CVE) ID: CVE-2024-0075
Copyright	Copyright (C) 2025 Greenbone AG