Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

SUSE 15 SP6: 2024:2585-1 Important: NVIDIA GSPX Kernel Firmware Update

suse
Calendar Grey July 22, 2024
Dist Suse Esm H88
Essential kernel-firmware-nvidia-gspx-G06 patch released, tackling various vulnerabilities. Vital for SUSE users.
* bsc#1223356 * bsc#1223454 * bsc#1227417 * bsc#1227419 * bsc#1227575

Summary

## This update for kernel-firmware-nvidia-gspx-G06 fixes the following issues: Update to version 555.42.06 for CUDA. Security Update 550.90.07: * CVE-2024-0090: Fixed out of bounds write (bsc#1223356). * CVE-2024-0092: Fixed incorrect exception handling (bsc#1223356). * CVE-2024-0091: Fixed untrusted pointer dereference (bsc#1223356). Changes in kernel-firmware-nvidia-gspx-G06: * Update to 550.100 (bsc#1227575) * Add a second flavor to be used by the kernel module versions used by CUDA. The firmware targetting CUDA contains '-cuda' in its name to track its versions separately from the graphics firmware. (bsc#1227417) Changes in nvidia-open-driver-G06-signed: * Update to 550.100 (bsc#1227575) * Fixed a bug that caused OpenGL triple buffering to behave like double buffering.

Topics%20covered

Topics Covered

security advisory security update critical SUSE kernel firmware NVIDIA GSPX CVE-2024-0091

References

* bsc#1223356

* bsc#1223454

* bsc#1227417

* bsc#1227419

* bsc#1227575

Cross-

* CVE-2024-0090

* CVE-2024-0091

* CVE-2024-0092

CVSS scores:

* CVE-2024-0090 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H

* CVE-2024-0091 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2024-0092 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* Basesystem Module 15-SP6

* openSUSE Leap 15.6

* Public Cloud Module 15-SP6

* SUSE Linux Enterprise Desktop 15 SP6

* SUSE Linux Enterprise Real Time 15 SP6

* SUSE Linux Enterprise Server 15 SP6

* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves three vulnerabilities and has two security fixes can now

be installed.

##

* https://www.suse.com/security/cve/CVE-2024-0090.html

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2024:2585-1
Rating: important

Topics%20covered

Topics Covered

security advisory security update critical SUSE kernel firmware NVIDIA GSPX CVE-2024-0091

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here