nvidia-graphics-drivers - Debian Package Tracker

general

source: nvidia-graphics-drivers (non-free-firmware)
version: 550.163.01-4
maintainer: Debian NVIDIA Maintainers (archive) (DMD)
uploaders: Andreas Beckmann [DMD]
arch: amd64 arm64 armhf i386 ppc64el
std-ver: 4.7.2
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 470.256.02-2
oldstable: 535.247.01-1~deb12u1
old-bpo: 535.216.03-2~bpo12+1
stable: 550.163.01-2
stable-bpo: 550.163.01-4~bpo13+1
testing: 550.163.01-4
unstable: 550.163.01-4
exp: 555.58.02-2

versioned links

470.256.02-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
535.216.03-2~bpo12+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
535.216.03-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
535.247.01-1~deb12u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
550.163.01-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
550.163.01-4~bpo13+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
550.163.01-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
555.58.02-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

firmware-nvidia-gsp (2 bugs: 0, 2, 0, 0)
libcuda1
libcudadebugger1
libegl-nvidia0
libgl1-nvidia-glvnd-glx
libgles-nvidia1
libgles-nvidia2
libglx-nvidia0
libnvcuvid1
libnvidia-allocator1
libnvidia-api1
libnvidia-cfg1
libnvidia-eglcore (1 bugs: 0, 1, 0, 0)
libnvidia-encode1
libnvidia-fbc1
libnvidia-glcore (3 bugs: 0, 3, 0, 0)
libnvidia-glvkspirv
libnvidia-gpucomp
libnvidia-ml1
libnvidia-ngx1
libnvidia-nvvm4
libnvidia-opticalflow1
libnvidia-pkcs11-openssl3
libnvidia-ptxjitcompiler1
libnvidia-rtcore
libnvoptix1
nvidia-alternative (1 bugs: 0, 1, 0, 0)
nvidia-cuda-mps
nvidia-detect (4 bugs: 0, 1, 3, 0)
nvidia-driver (67 bugs: 0, 63, 4, 0)
nvidia-driver-bin (1 bugs: 0, 1, 0, 0)
nvidia-driver-full
nvidia-driver-libs
nvidia-egl-common
nvidia-egl-icd
nvidia-kernel-dkms (10 bugs: 0, 8, 2, 0)
nvidia-kernel-source (2 bugs: 0, 1, 1, 0)
nvidia-kernel-support (2 bugs: 0, 1, 1, 0)
nvidia-legacy-check
nvidia-libopencl1
nvidia-opencl-common
nvidia-opencl-icd
nvidia-powerd (1 bugs: 0, 1, 0, 0)
nvidia-smi
nvidia-suspend-common
nvidia-vdpau-driver
nvidia-vulkan-common
nvidia-vulkan-icd
xserver-xorg-video-nvidia (6 bugs: 0, 6, 0, 0)

action needed

9 security issues in sid high

There are 9 open security issues in sid.

9 important issues:

CVE-2025-23279: NVIDIA .run Installer for Linux and Solaris contains a vulnerability where an attacker could use a race condition to escalate privileges. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, denial of service, or data tampering.
CVE-2025-23280: NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use-after-free. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, and information disclosure.
CVE-2025-23282: NVIDIA Display Driver for Linux contains a vulnerability where an attacker might be able to use a race condition to escalate privileges. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, and information disclosure.
CVE-2025-23286: NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where an attacker could read invalid memory. A successful exploit of this vulnerability might lead to information disclosure.
CVE-2025-23300: NVIDIA Display Driver for Linux contains a vulnerability in the kernel driver, where a user could cause a null pointer dereference by allocating a specific memory resource. A successful exploit of this vulnerability might lead to denial of service.
CVE-2025-23330: NVIDIA Display Driver for Linux contains a vulnerability where an attacker might be able to trigger a null pointer dereference. A successful exploit of this vulnerability might lead to denial of service.
CVE-2025-23332: NVIDIA Display Driver for Linux contains a vulnerability in a kernel module, where an attacker might be able to trigger a null pointer deference. A successful exploit of this vulnerability might lead to denial of service.
CVE-2025-23345: NVIDIA Display Driver for Windows and Linux contains a vulnerability in a video decoder, where an attacker might cause an out-of-bounds read. A successful exploit of this vulnerability might lead to information disclosure or denial of service.
CVE-2025-33219: NVIDIA Display Driver for Linux contains a vulnerability in the NVIDIA kernel module where an attacker could cause an integer overflow or wraparound. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or information disclosure.

Created: 2025-07-26 Last update: 2026-01-30 17:52

9 security issues in forky high

There are 9 open security issues in forky.

9 important issues:

CVE-2025-23279: NVIDIA .run Installer for Linux and Solaris contains a vulnerability where an attacker could use a race condition to escalate privileges. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, denial of service, or data tampering.
CVE-2025-23280: NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use-after-free. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, and information disclosure.
CVE-2025-23282: NVIDIA Display Driver for Linux contains a vulnerability where an attacker might be able to use a race condition to escalate privileges. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, and information disclosure.
CVE-2025-23286: NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where an attacker could read invalid memory. A successful exploit of this vulnerability might lead to information disclosure.
CVE-2025-23300: NVIDIA Display Driver for Linux contains a vulnerability in the kernel driver, where a user could cause a null pointer dereference by allocating a specific memory resource. A successful exploit of this vulnerability might lead to denial of service.
CVE-2025-23330: NVIDIA Display Driver for Linux contains a vulnerability where an attacker might be able to trigger a null pointer dereference. A successful exploit of this vulnerability might lead to denial of service.
CVE-2025-23332: NVIDIA Display Driver for Linux contains a vulnerability in a kernel module, where an attacker might be able to trigger a null pointer deference. A successful exploit of this vulnerability might lead to denial of service.
CVE-2025-23345: NVIDIA Display Driver for Windows and Linux contains a vulnerability in a video decoder, where an attacker might cause an out-of-bounds read. A successful exploit of this vulnerability might lead to information disclosure or denial of service.
CVE-2025-33219: NVIDIA Display Driver for Linux contains a vulnerability in the NVIDIA kernel module where an attacker could cause an integer overflow or wraparound. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or information disclosure.

Created: 2025-08-09 Last update: 2026-01-30 17:52

19 security issues in bullseye high

There are 19 open security issues in bullseye.

19 important issues:

CVE-2023-0183: NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer where an out-of-bounds write can lead to denial of service and data tampering.
CVE-2024-0075: NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where a user may cause a NULL-pointer dereference by accessing passed parameters the validity of which has not been checked. A successful exploit of this vulnerability may lead to denial of service and limited information disclosure.
CVE-2024-0126: NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability which could allow a privileged attacker to escalate permissions. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
CVE-2024-0131: NVIDIA GPU kernel driver for Windows and Linux contains a vulnerability where a potential user-mode attacker could read a buffer with an incorrect length. A successful exploit of this vulnerability might lead to denial of service.
CVE-2024-0147: NVIDIA GPU display driver for Windows and Linux contains a vulnerability where referencing memory after it has been freed can lead to denial of service or data tampering.
CVE-2024-0149: NVIDIA GPU Display Driver for Linux contains a vulnerability which could allow an attacker unauthorized access to files. A successful exploit of this vulnerability might lead to limited information disclosure.
CVE-2024-0150: NVIDIA GPU display driver for Windows and Linux contains a vulnerability where data is written past the end or before the beginning of a buffer. A successful exploit of this vulnerability might lead to information disclosure, denial of service, or data tampering.
CVE-2022-34684: NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an off-by-one error may lead to data tampering or information disclosure.
CVE-2024-53869: NVIDIA Unified Memory driver for Linux contains a vulnerability where an attacker could leak uninitialized memory. A successful exploit of this vulnerability might lead to information disclosure.
CVE-2025-23244: NVIDIA GPU Display Driver for Linux contains a vulnerability which could allow an unprivileged attacker to escalate permissions. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
CVE-2025-23279: NVIDIA .run Installer for Linux and Solaris contains a vulnerability where an attacker could use a race condition to escalate privileges. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, denial of service, or data tampering.
CVE-2025-23280: NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use-after-free. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, and information disclosure.
CVE-2025-23282: NVIDIA Display Driver for Linux contains a vulnerability where an attacker might be able to use a race condition to escalate privileges. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, and information disclosure.
CVE-2025-23286: NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where an attacker could read invalid memory. A successful exploit of this vulnerability might lead to information disclosure.
CVE-2025-23300: NVIDIA Display Driver for Linux contains a vulnerability in the kernel driver, where a user could cause a null pointer dereference by allocating a specific memory resource. A successful exploit of this vulnerability might lead to denial of service.
CVE-2025-23330: NVIDIA Display Driver for Linux contains a vulnerability where an attacker might be able to trigger a null pointer dereference. A successful exploit of this vulnerability might lead to denial of service.
CVE-2025-23332: NVIDIA Display Driver for Linux contains a vulnerability in a kernel module, where an attacker might be able to trigger a null pointer deference. A successful exploit of this vulnerability might lead to denial of service.
CVE-2025-23345: NVIDIA Display Driver for Windows and Linux contains a vulnerability in a video decoder, where an attacker might cause an out-of-bounds read. A successful exploit of this vulnerability might lead to information disclosure or denial of service.
CVE-2025-33219: NVIDIA Display Driver for Linux contains a vulnerability in the NVIDIA kernel module where an attacker could cause an integer overflow or wraparound. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or information disclosure.

Created: 2025-05-05 Last update: 2026-01-30 17:52

lintian reports 1 error and 2 warnings high

Lintian reports 1 error and 2 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2025-11-11 Last update: 2026-01-20 18:02

58 security issues in buster high

There are 58 open security issues in buster.

6 important issues:

CVE-2024-0074: NVIDIA GPU Display Driver for Linux contains a vulnerability where an attacker may access a memory location after the end of the buffer. A successful exploit of this vulnerability may lead to denial of service and data tampering.
CVE-2024-0075: NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where a user may cause a NULL-pointer dereference by accessing passed parameters the validity of which has not been checked. A successful exploit of this vulnerability may lead to denial of service and limited information disclosure.
CVE-2024-0078: NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a user in a guest can cause a NULL-pointer dereference in the host, which may lead to denial of service.
CVE-2024-0090: NVIDIA GPU driver for Windows and Linux contains a vulnerability where a user can cause an out-of-bounds write. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
CVE-2024-0092: NVIDIA GPU Driver for Windows and Linux contains a vulnerability where an improper check or improper handling of exception conditions might lead to denial of service.
CVE-2024-42265:

3 issues postponed or untriaged:

CVE-2023-25515: (postponed; to be fixed through a stable update) NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where unexpected untrusted data is parsed, which may lead to code execution, denial of service, escalation of privileges, data tampering, or information disclosure.
CVE-2023-25516: (postponed; to be fixed through a stable update) NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where an unprivileged user can cause an integer overflow, which may lead to information disclosure and denial of service.
CVE-2023-31022: (needs triaging) NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a NULL-pointer dereference may lead to denial of service.

49 ignored issues:

CVE-2021-1052: NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which user-mode clients can access legacy privileged APIs, which may lead to denial of service, escalation of privileges, and information disclosure.
CVE-2021-1053: NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which improper validation of a user pointer may lead to denial of service.
CVE-2021-1077: NVIDIA GPU Display Driver for Windows and Linux, R450 and R460 driver branch, contains a vulnerability where the software uses a reference count to manage a resource that is incorrectly updated, which may lead to denial of service.
CVE-2023-0180: NVIDIA GPU Display Driver for Linux contains a vulnerability in a kernel mode layer handler, which may lead to denial of service or information disclosure.
CVE-2023-0181: NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in a kernel mode layer handler, where memory permissions are not correctly checked, which may lead to denial of service and data tampering.
CVE-2023-0183: NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer where an out-of-bounds write can lead to denial of service and data tampering.
CVE-2023-0184: NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler which may lead to denial of service, escalation of privileges, information disclosure, and data tampering.
CVE-2023-0185: NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where sign conversion issuescasting an unsigned primitive to signed may lead to denial of service or information disclosure.
CVE-2023-0187: NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler, where an out-of-bounds read can lead to denial of service.
CVE-2023-0188: NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged user can cause improper restriction of operations within the bounds of a memory buffer cause an out-of-bounds read, which may lead to denial of service.
CVE-2023-0189: NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
CVE-2023-0190: NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where a NULL pointer dereference may lead to denial of service.
CVE-2023-0191: NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler, where an out-of-bounds access may lead to denial of service or data tampering.
CVE-2023-0194: NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer driver, where an invalid display configuration may lead to denial of service.
CVE-2023-0195: NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer driver nvlddmkm.sys, where an can cause CWE-1284, which may lead to hypothetical Information leak of unimportant data such as local variable data of the driver
CVE-2023-0198: NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where improper restriction of operations within the bounds of a memory buffer can lead to denial of service, information disclosure, and data tampering.
CVE-2023-0199: NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler, where an out-of-bounds write can lead to denial of service and data tampering.
CVE-2022-21813: NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel driver, where improper handling of insufficient permissions or privileges may allow an unprivileged local user limited write access to protected memory, which can lead to denial of service.
CVE-2022-21814: NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel driver package, where improper handling of insufficient permissions or privileges may allow an unprivileged local user limited write access to protected memory, which can lead to denial of service.
CVE-2022-28181: NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user on the network can cause an out-of-bounds write through a specially crafted shader, which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. The scope of the impact may extend to other components.
CVE-2022-28183: NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause an out-of-bounds read, which may lead to denial of service and information disclosure.
CVE-2022-28184: NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where an unprivileged regular user can access administrator- privileged registers, which may lead to denial of service, information disclosure, and data tampering.
CVE-2022-28185: NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the ECC layer, where an unprivileged regular user can cause an out-of-bounds write, which may lead to denial of service and data tampering.
CVE-2022-28191: NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (nvidia.ko), where uncontrolled resource consumption can be triggered by an unprivileged regular user, which may lead to denial of service.
CVE-2022-28192: NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (nvidia.ko), where it may lead to a use-after-free, which in turn may cause denial of service. This attack is complex to carry out because the attacker needs to have control over freeing some host side resources out of sequence, which requires elevated privileges.
CVE-2022-31607: NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where a local user with basic capabilities can cause improper input validation, which may lead to denial of service, escalation of privileges, data tampering, and limited information disclosure.
CVE-2022-31608: NVIDIA GPU Display Driver for Linux contains a vulnerability in an optional D-Bus configuration file, where a local user with basic capabilities can impact protected D-Bus endpoints, which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
CVE-2022-31615: NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where a local user with basic capabilities can cause a null-pointer dereference, which may lead to denial of service.
CVE-2022-34665: NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a local user with basic capabilities can cause a null-pointer dereference, which may lead to denial of service.
CVE-2022-34666: NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a local user with basic capabilities can cause a null-pointer dereference, which may lead to denial of service.
CVE-2022-34670: NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged regular user can cause truncation errors when casting a primitive to a primitive of smaller size causes data to be lost in the conversion, which may lead to denial of service or information disclosure.
CVE-2022-34674: NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where a helper function maps more physical pages than were requested, which may lead to undefined behavior or an information leak.
CVE-2022-34675: NVIDIA Display Driver for Linux contains a vulnerability in the Virtual GPU Manager, where it does not check the return value from a null-pointer dereference, which may lead to denial of service.
CVE-2022-34677: NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged regular user can cause an integer to be truncated, which may lead to denial of service or data tampering.
CVE-2022-34679: NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unhandled return value can lead to a null-pointer dereference, which may lead to denial of service.
CVE-2022-34680: NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an integer truncation can lead to an out-of-bounds read, which may lead to denial of service.
CVE-2022-34682: NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause a null-pointer dereference, which may lead to denial of service.
CVE-2022-34684: NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an off-by-one error may lead to data tampering or information disclosure.
CVE-2022-42254: NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an out-of-bounds array access may lead to denial of service, data tampering, or information disclosure.
CVE-2022-42255: NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an out-of-bounds array access may lead to denial of service, information disclosure, or data tampering.
CVE-2022-42256: NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an integer overflow in index validation may lead to denial of service, information disclosure, or data tampering.
CVE-2022-42257: NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an integer overflow may lead to information disclosure, data tampering or denial of service.
CVE-2022-42258: NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an integer overflow may lead to denial of service, data tampering, or information disclosure.
CVE-2022-42259: NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an integer overflow may lead to denial of service.
CVE-2022-42260: NVIDIA vGPU Display Driver for Linux guest contains a vulnerability in a D-Bus configuration file, where an unauthorized user in the guest VM can impact protected D-Bus endpoints, which may lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering.
CVE-2022-42261: NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where an input index is not validated, which may lead to buffer overrun, which in turn may cause data tampering, information disclosure, or denial of service.
CVE-2022-42262: NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where an input index is not validated, which may lead to buffer overrun, which in turn may cause data tampering, information disclosure, or denial of service.
CVE-2022-42263: NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an Integer overflow may lead to denial of service or information disclosure.
CVE-2022-42264: NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause the use of an out-of-range pointer offset, which may lead to data tampering, data loss, information disclosure, or denial of service.

Created: 2024-02-29 Last update: 2024-06-29 13:15

2 bugs tagged patch in the BTS normal

The BTS contains patches fixing 2 bugs, consider including or untagging them.

Created: 2025-01-06 Last update: 2026-02-02 21:00

9 low-priority security issues in trixie low

There are 9 open security issues in trixie.

9 issues left for the package maintainer to handle:

CVE-2025-23279: (needs triaging) NVIDIA .run Installer for Linux and Solaris contains a vulnerability where an attacker could use a race condition to escalate privileges. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, denial of service, or data tampering.
CVE-2025-23280: (needs triaging) NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use-after-free. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, and information disclosure.
CVE-2025-23282: (needs triaging) NVIDIA Display Driver for Linux contains a vulnerability where an attacker might be able to use a race condition to escalate privileges. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, and information disclosure.
CVE-2025-23286: (needs triaging) NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where an attacker could read invalid memory. A successful exploit of this vulnerability might lead to information disclosure.
CVE-2025-23300: (needs triaging) NVIDIA Display Driver for Linux contains a vulnerability in the kernel driver, where a user could cause a null pointer dereference by allocating a specific memory resource. A successful exploit of this vulnerability might lead to denial of service.
CVE-2025-23330: (needs triaging) NVIDIA Display Driver for Linux contains a vulnerability where an attacker might be able to trigger a null pointer dereference. A successful exploit of this vulnerability might lead to denial of service.
CVE-2025-23332: (needs triaging) NVIDIA Display Driver for Linux contains a vulnerability in a kernel module, where an attacker might be able to trigger a null pointer deference. A successful exploit of this vulnerability might lead to denial of service.
CVE-2025-23345: (needs triaging) NVIDIA Display Driver for Windows and Linux contains a vulnerability in a video decoder, where an attacker might cause an out-of-bounds read. A successful exploit of this vulnerability might lead to information disclosure or denial of service.
CVE-2025-33219: (needs triaging) NVIDIA Display Driver for Linux contains a vulnerability in the NVIDIA kernel module where an attacker could cause an integer overflow or wraparound. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or information disclosure.

You can find information about how to handle these issues in the security team's documentation.

Created: 2025-07-26 Last update: 2026-01-30 17:52

10 low-priority security issues in bookworm low

There are 10 open security issues in bookworm.

10 issues left for the package maintainer to handle:

CVE-2024-0074: (needs triaging) NVIDIA GPU Display Driver for Linux contains a vulnerability where an attacker may access a memory location after the end of the buffer. A successful exploit of this vulnerability may lead to denial of service and data tampering.
CVE-2024-0075: (needs triaging) NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where a user may cause a NULL-pointer dereference by accessing passed parameters the validity of which has not been checked. A successful exploit of this vulnerability may lead to denial of service and limited information disclosure.
CVE-2024-0078: (needs triaging) NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a user in a guest can cause a NULL-pointer dereference in the host, which may lead to denial of service.
CVE-2025-23280: (needs triaging) NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use-after-free. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, and information disclosure.
CVE-2025-23282: (needs triaging) NVIDIA Display Driver for Linux contains a vulnerability where an attacker might be able to use a race condition to escalate privileges. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, and information disclosure.
CVE-2025-23300: (needs triaging) NVIDIA Display Driver for Linux contains a vulnerability in the kernel driver, where a user could cause a null pointer dereference by allocating a specific memory resource. A successful exploit of this vulnerability might lead to denial of service.
CVE-2025-23330: (needs triaging) NVIDIA Display Driver for Linux contains a vulnerability where an attacker might be able to trigger a null pointer dereference. A successful exploit of this vulnerability might lead to denial of service.
CVE-2025-23332: (needs triaging) NVIDIA Display Driver for Linux contains a vulnerability in a kernel module, where an attacker might be able to trigger a null pointer deference. A successful exploit of this vulnerability might lead to denial of service.
CVE-2025-23345: (needs triaging) NVIDIA Display Driver for Windows and Linux contains a vulnerability in a video decoder, where an attacker might cause an out-of-bounds read. A successful exploit of this vulnerability might lead to information disclosure or denial of service.
CVE-2025-33219: (needs triaging) NVIDIA Display Driver for Linux contains a vulnerability in the NVIDIA kernel module where an attacker could cause an integer overflow or wraparound. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or information disclosure.

You can find information about how to handle these issues in the security team's documentation.

Created: 2024-02-29 Last update: 2026-01-30 17:52

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.7.3 instead of 4.7.2).

Created: 2025-12-23 Last update: 2025-12-23 20:00

news

[rss feed]

[2025-12-26] Accepted nvidia-graphics-drivers 535.261.03-1 (source) into oldstable-proposed-updates (Debian FTP Masters) (signed by: Andreas Beckmann)
[2025-12-01] Accepted nvidia-graphics-drivers 550.163.01-4~bpo13+1 (source amd64) into stable-backports (Debian FTP Masters) (signed by: Andreas Beckmann)
[2025-11-16] nvidia-graphics-drivers 550.163.01-4 MIGRATED to testing (Debian testing watch)
[2025-11-10] Accepted nvidia-graphics-drivers 550.163.01-4 (source) into unstable (Andreas Beckmann)
[2025-11-10] Accepted nvidia-graphics-drivers 555.58.02-2 (source) into experimental (Andreas Beckmann)
[2025-09-03] nvidia-graphics-drivers 550.163.01-3 MIGRATED to testing (Debian testing watch)
[2025-08-28] Accepted nvidia-graphics-drivers 550.163.01-3 (source) into unstable (Andreas Beckmann)
[2025-07-31] Accepted nvidia-graphics-drivers 555.58.02-1 (source) into experimental (Andreas Beckmann)
[2025-07-24] nvidia-graphics-drivers 550.163.01-2 MIGRATED to testing (Debian testing watch)
[2025-07-21] Accepted nvidia-graphics-drivers 550.163.01-2 (source) into unstable (Andreas Beckmann)
[2025-06-25] Accepted nvidia-graphics-drivers 555.42.02-1 (source) into experimental (Andreas Beckmann)
[2025-06-15] nvidia-graphics-drivers 550.163.01-1 MIGRATED to testing (Debian testing watch)
[2025-06-11] Accepted nvidia-graphics-drivers 550.163.01-1 (source) into unstable (Andreas Beckmann)
[2025-06-11] nvidia-graphics-drivers 550.144.03-1 MIGRATED to testing (Debian testing watch)
[2025-06-04] Accepted nvidia-graphics-drivers 550.144.03-2 (source) into experimental (Andreas Beckmann)
[2025-05-22] Accepted nvidia-graphics-drivers 550.144.03-1 (source) into unstable (Andreas Beckmann)
[2025-05-19] Accepted nvidia-graphics-drivers 550.135-1 (source) into experimental (Andreas Beckmann)
[2025-05-18] Accepted nvidia-graphics-drivers 550.127.05-1 (source) into experimental (Andreas Beckmann)
[2025-05-17] Accepted nvidia-graphics-drivers 550.107.02-1 (source) into experimental (Andreas Beckmann)
[2025-05-16] Accepted nvidia-graphics-drivers 545.29.06-2 (source) into unstable (Andreas Beckmann)
[2025-05-13] nvidia-graphics-drivers 535.247.01-1 MIGRATED to testing (Debian testing watch)
[2025-05-12] Accepted nvidia-graphics-drivers 550.90.07-1 (source) into experimental (Andreas Beckmann)
[2025-05-09] Accepted nvidia-graphics-drivers 535.247.01-1~deb12u1 (source) into proposed-updates (Debian FTP Masters) (signed by: Andreas Beckmann)
[2025-05-09] Accepted nvidia-graphics-drivers 550.78-1 (source) into experimental (Andreas Beckmann)
[2025-05-07] Accepted nvidia-graphics-drivers 535.247.01-1 (source) into unstable (Andreas Beckmann)
[2025-05-02] Accepted nvidia-graphics-drivers 535.230.02-1 (source) into unstable (Andreas Beckmann)
[2025-05-02] Accepted nvidia-graphics-drivers 535.216.03-4 (source) into unstable (Andreas Beckmann)
[2025-04-29] Accepted nvidia-graphics-drivers 550.54.15-1 (source) into experimental (Andreas Beckmann)
[2025-04-23] Accepted nvidia-graphics-drivers 550.40.07-1 (source) into experimental (Andreas Beckmann)
[2025-04-15] Accepted nvidia-graphics-drivers 545.29.06-1 (source) into experimental (Andreas Beckmann)

bugs [bug history graph]

all: 120 123
RC: 0
I&N: 105 108
M&W: 15
F&P: 0
patch: 2

links

homepage
lintian (1, 2)
buildd: logs, exp, cross
popcon
browse source code
edit tags
other distros
security tracker
debci