Security update for nvidia-open-driver-G06-signed

Announcement ID:	SUSE-SU-2025:20757-1
Release Date:	2025-09-23T15:49:58Z
Rating:	important
References:	bsc#1237208 bsc#1246010 bsc#1246327 bsc#1247528 bsc#1247529 bsc#1247530 bsc#1247531 bsc#1247532 bsc#1247907 bsc#1247923 bsc#1249235 jsc#PED-13295
Cross-References:	CVE-2025-23277 CVE-2025-23278 CVE-2025-23279 CVE-2025-23283 CVE-2025-23286
CVSS scores:	CVE-2025-23277 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H CVE-2025-23277 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H CVE-2025-23278 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H CVE-2025-23278 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H CVE-2025-23279 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2025-23279 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2025-23283 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2025-23283 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2025-23286 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N CVE-2025-23286 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Affected Products:	SUSE Linux Micro 6.1

An update that solves five vulnerabilities, contains one feature and has six fixes can now be installed.

Description:

This update for nvidia-open-driver-G06-signed fixes the following issues:

Update non-CUDA variant to 580.82.07 (bsc#1249235)

Update non-CUDA variant to 580.76.05 (bsc#1247907)

• get rid of rule of older KMPs not to load nvidia_drm module, which are still installed in parallel and therefore still active (bsc#1247923)

Update CUDA variant to 580.65.06, which addresses various security issues:

• CVE-2025-23277 (bsc#1247528)
• CVE-2025-23278 (bsc#1247529)
• CVE-2025-23286 (bsc#1247530)
• CVE-2025-23283 (bsc#1247531)
• CVE-2025-23279 (bsc#1247532)

Update non-CUDA variant to 570.172.08 (bsc#1246327)

• empty pci_ids-570.169; PCI ID hardware Supplements get moved to gfx repository to package nvidia-open-driver-G06-signed-kmp-meta (bsc#1246010)

• remove 60-nvidia-$flavor.conf, since driver no longer gets autoselected without gfx/cuda repositories present and so we no longer need to disable it by default (bsc#1246010)

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• SUSE Linux Micro 6.1
  zypper in -t patch SUSE-SLE-Micro-6.1-kernel-140=1

Package List:

• SUSE Linux Micro 6.1 (aarch64 x86_64)
  • nvidia-open-driver-G06-signed-debugsource-580.82.07-1.1
  • nvidia-open-driver-G06-signed-kmp-default-580.82.07_k6.4.0_34-1.1
  • nvidia-open-driver-G06-signed-kmp-default-debuginfo-580.82.07_k6.4.0_34-1.1
  • nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-580.82.07_k6.4.0_34-1.1
  • nvidia-open-driver-G06-signed-cuda-kmp-default-580.82.07_k6.4.0_34-1.1
  • nvidia-open-driver-G06-signed-cuda-debugsource-580.82.07-1.1

References:

• https://www.suse.com/security/cve/CVE-2025-23277.html
• https://www.suse.com/security/cve/CVE-2025-23278.html
• https://www.suse.com/security/cve/CVE-2025-23279.html
• https://www.suse.com/security/cve/CVE-2025-23283.html
• https://www.suse.com/security/cve/CVE-2025-23286.html
• https://bugzilla.suse.com/show_bug.cgi?id=1237208
• https://bugzilla.suse.com/show_bug.cgi?id=1246010
• https://bugzilla.suse.com/show_bug.cgi?id=1246327
• https://bugzilla.suse.com/show_bug.cgi?id=1247528
• https://bugzilla.suse.com/show_bug.cgi?id=1247529
• https://bugzilla.suse.com/show_bug.cgi?id=1247530
• https://bugzilla.suse.com/show_bug.cgi?id=1247531
• https://bugzilla.suse.com/show_bug.cgi?id=1247532
• https://bugzilla.suse.com/show_bug.cgi?id=1247907
• https://bugzilla.suse.com/show_bug.cgi?id=1247923
• https://bugzilla.suse.com/show_bug.cgi?id=1249235
• https://jira.suse.com/browse/PED-13295