SUSE update for the Linux Kernel
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 37 |
| CVE-ID | CVE-2021-46955 CVE-2021-47041 CVE-2021-47074 CVE-2021-47113 CVE-2021-47131 CVE-2021-47184 CVE-2021-47185 CVE-2021-47194 CVE-2021-47198 CVE-2021-47201 CVE-2021-47203 CVE-2021-47206 CVE-2021-47207 CVE-2021-47212 CVE-2022-48631 CVE-2022-48651 CVE-2022-48654 CVE-2022-48687 CVE-2023-2860 CVE-2023-6270 CVE-2024-0639 CVE-2024-0841 CVE-2024-22099 CVE-2024-23307 CVE-2024-26688 CVE-2024-26689 CVE-2024-26733 CVE-2024-26739 CVE-2024-26744 CVE-2024-26816 CVE-2024-26840 CVE-2024-26852 CVE-2024-26862 CVE-2024-26898 CVE-2024-26903 CVE-2024-26906 CVE-2024-27043 |
| CWE-ID | CWE-125 CWE-667 CWE-401 CWE-399 CWE-416 CWE-476 CWE-665 CWE-119 CWE-388 CWE-190 CWE-366 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
SUSE Linux Enterprise Live Patching Operating systems & Components / Operating system SUSE Linux Enterprise Server 15 SP2 Business Critical Linux Operating systems & Components / Operating system SUSE Linux Enterprise High Availability Extension 15 Operating systems & Components / Operating system SUSE Linux Enterprise Server for SAP Applications 15 Operating systems & Components / Operating system SUSE Linux Enterprise Server 15 SP2 LTSS Operating systems & Components / Operating system SUSE Linux Enterprise Server 15 Operating systems & Components / Operating system SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS Operating systems & Components / Operating system SUSE Linux Enterprise High Performance Computing 15 Operating systems & Components / Operating system SUSE Manager Server Operating systems & Components / Operating system SUSE Manager Retail Branch Server Operating systems & Components / Operating system SUSE Manager Proxy Operating systems & Components / Operating system reiserfs-kmp-default-debuginfo Operating systems & Components / Operating system package or component reiserfs-kmp-default Operating systems & Components / Operating system package or component kernel-docs Operating systems & Components / Operating system package or component kernel-devel Operating systems & Components / Operating system package or component kernel-source Operating systems & Components / Operating system package or component kernel-macros Operating systems & Components / Operating system package or component kernel-preempt-devel Operating systems & Components / Operating system package or component kernel-default-devel-debuginfo Operating systems & Components / Operating system package or component kernel-preempt-debuginfo Operating systems & Components / Operating system package or component kernel-default-devel Operating systems & Components / Operating system package or component kernel-obs-build-debugsource Operating systems & Components / Operating system package or component kernel-preempt-debugsource Operating systems & Components / Operating system package or component kernel-syms Operating systems & Components / Operating system package or component kernel-obs-build Operating systems & Components / Operating system package or component kernel-preempt-devel-debuginfo Operating systems & Components / Operating system package or component kernel-default-base Operating systems & Components / Operating system package or component kernel-preempt Operating systems & Components / Operating system package or component dlm-kmp-default-debuginfo Operating systems & Components / Operating system package or component ocfs2-kmp-default Operating systems & Components / Operating system package or component dlm-kmp-default Operating systems & Components / Operating system package or component gfs2-kmp-default-debuginfo Operating systems & Components / Operating system package or component cluster-md-kmp-default-debuginfo Operating systems & Components / Operating system package or component gfs2-kmp-default Operating systems & Components / Operating system package or component ocfs2-kmp-default-debuginfo Operating systems & Components / Operating system package or component cluster-md-kmp-default Operating systems & Components / Operating system package or component kernel-default-debugsource Operating systems & Components / Operating system package or component kernel-default-livepatch-devel Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-150200_24_191-default Operating systems & Components / Operating system package or component kernel-default-debuginfo Operating systems & Components / Operating system package or component kernel-default-livepatch Operating systems & Components / Operating system package or component kernel-livepatch-SLE15-SP2_Update_48-debugsource Operating systems & Components / Operating system package or component kernel-livepatch-5_3_18-150200_24_191-default-debuginfo Operating systems & Components / Operating system package or component kernel-default Operating systems & Components / Operating system package or component |
| Vendor | SUSE |
Security Bulletin
This security bulletin contains information about 37 vulnerabilities.
1) Out-of-bounds read
EUVDB-ID: #VU88889
Risk: Medium
CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2021-46955
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition within the ovs_fragment() function in net/openvswitch/actions.c when running openvswitch on kernels built with KASAN. A remote attacker can send specially crafted IPv4 packets to the system, trigger an out-of-bounds read error and read contents of memory on the system or crash the kernel.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
reiserfs-kmp-default: before 5.3.18-150200.24.191.1
kernel-docs: before 5.3.18-150200.24.191.1
kernel-devel: before 5.3.18-150200.24.191.1
kernel-source: before 5.3.18-150200.24.191.1
kernel-macros: before 5.3.18-150200.24.191.1
kernel-preempt-devel: before 5.3.18-150200.24.191.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-devel: before 5.3.18-150200.24.191.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1
kernel-preempt-debugsource: before 5.3.18-150200.24.191.1
kernel-syms: before 5.3.18-150200.24.191.1
kernel-obs-build: before 5.3.18-150200.24.191.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1
kernel-preempt: before 5.3.18-150200.24.191.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
ocfs2-kmp-default: before 5.3.18-150200.24.191.1
dlm-kmp-default: before 5.3.18-150200.24.191.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
gfs2-kmp-default: before 5.3.18-150200.24.191.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default: before 5.3.18-150200.24.191.1
kernel-default-debugsource: before 5.3.18-150200.24.191.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1
kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1
kernel-default-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-livepatch: before 5.3.18-150200.24.191.1
kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1
kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1
kernel-default: before 5.3.18-150200.24.191.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_business_critical_linux:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-docs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-source:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-macros:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-syms:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-sle15-sp2_update_48-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Improper locking
EUVDB-ID: #VU89745
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2021-47041
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nvmet_tcp_state_change() function in drivers/nvme/target/tcp.c. An remote attacker can send specially crafted packets to the system and perform a denial of service (DoS) attack.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
reiserfs-kmp-default: before 5.3.18-150200.24.191.1
kernel-docs: before 5.3.18-150200.24.191.1
kernel-devel: before 5.3.18-150200.24.191.1
kernel-source: before 5.3.18-150200.24.191.1
kernel-macros: before 5.3.18-150200.24.191.1
kernel-preempt-devel: before 5.3.18-150200.24.191.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-devel: before 5.3.18-150200.24.191.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1
kernel-preempt-debugsource: before 5.3.18-150200.24.191.1
kernel-syms: before 5.3.18-150200.24.191.1
kernel-obs-build: before 5.3.18-150200.24.191.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1
kernel-preempt: before 5.3.18-150200.24.191.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
ocfs2-kmp-default: before 5.3.18-150200.24.191.1
dlm-kmp-default: before 5.3.18-150200.24.191.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
gfs2-kmp-default: before 5.3.18-150200.24.191.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default: before 5.3.18-150200.24.191.1
kernel-default-debugsource: before 5.3.18-150200.24.191.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1
kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1
kernel-default-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-livepatch: before 5.3.18-150200.24.191.1
kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1
kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1
kernel-default: before 5.3.18-150200.24.191.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_business_critical_linux:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-docs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-source:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-macros:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-syms:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-sle15-sp2_update_48-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Memory leak
EUVDB-ID: #VU90027
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47074
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nvme_loop_create_ctrl() function in drivers/nvme/target/loop.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
reiserfs-kmp-default: before 5.3.18-150200.24.191.1
kernel-docs: before 5.3.18-150200.24.191.1
kernel-devel: before 5.3.18-150200.24.191.1
kernel-source: before 5.3.18-150200.24.191.1
kernel-macros: before 5.3.18-150200.24.191.1
kernel-preempt-devel: before 5.3.18-150200.24.191.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-devel: before 5.3.18-150200.24.191.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1
kernel-preempt-debugsource: before 5.3.18-150200.24.191.1
kernel-syms: before 5.3.18-150200.24.191.1
kernel-obs-build: before 5.3.18-150200.24.191.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1
kernel-preempt: before 5.3.18-150200.24.191.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
ocfs2-kmp-default: before 5.3.18-150200.24.191.1
dlm-kmp-default: before 5.3.18-150200.24.191.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
gfs2-kmp-default: before 5.3.18-150200.24.191.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default: before 5.3.18-150200.24.191.1
kernel-default-debugsource: before 5.3.18-150200.24.191.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1
kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1
kernel-default-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-livepatch: before 5.3.18-150200.24.191.1
kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1
kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1
kernel-default: before 5.3.18-150200.24.191.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_business_critical_linux:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-docs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-source:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-macros:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-syms:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-sle15-sp2_update_48-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Resource management error
EUVDB-ID: #VU89258
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47113
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the btrfs_rename_exchange() function in fs/btrfs/inode.c. A local user can corrupt the filesystem and perform a denial of service (DoS) attack.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
reiserfs-kmp-default: before 5.3.18-150200.24.191.1
kernel-docs: before 5.3.18-150200.24.191.1
kernel-devel: before 5.3.18-150200.24.191.1
kernel-source: before 5.3.18-150200.24.191.1
kernel-macros: before 5.3.18-150200.24.191.1
kernel-preempt-devel: before 5.3.18-150200.24.191.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-devel: before 5.3.18-150200.24.191.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1
kernel-preempt-debugsource: before 5.3.18-150200.24.191.1
kernel-syms: before 5.3.18-150200.24.191.1
kernel-obs-build: before 5.3.18-150200.24.191.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1
kernel-preempt: before 5.3.18-150200.24.191.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
ocfs2-kmp-default: before 5.3.18-150200.24.191.1
dlm-kmp-default: before 5.3.18-150200.24.191.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
gfs2-kmp-default: before 5.3.18-150200.24.191.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default: before 5.3.18-150200.24.191.1
kernel-default-debugsource: before 5.3.18-150200.24.191.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1
kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1
kernel-default-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-livepatch: before 5.3.18-150200.24.191.1
kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1
kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1
kernel-default: before 5.3.18-150200.24.191.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_business_critical_linux:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-docs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-source:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-macros:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-syms:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-sle15-sp2_update_48-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Use-after-free
EUVDB-ID: #VU90223
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47131
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the tls_ctx_create() function in net/tls/tls_main.c, within the tls_validate_xmit_skb() function in net/tls/tls_device_fallback.c, within the tls_device_gc_task(), tls_device_rx_resync_new_rec(), tls_device_decrypted() and tls_device_down() functions in net/tls/tls_device.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
reiserfs-kmp-default: before 5.3.18-150200.24.191.1
kernel-docs: before 5.3.18-150200.24.191.1
kernel-devel: before 5.3.18-150200.24.191.1
kernel-source: before 5.3.18-150200.24.191.1
kernel-macros: before 5.3.18-150200.24.191.1
kernel-preempt-devel: before 5.3.18-150200.24.191.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-devel: before 5.3.18-150200.24.191.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1
kernel-preempt-debugsource: before 5.3.18-150200.24.191.1
kernel-syms: before 5.3.18-150200.24.191.1
kernel-obs-build: before 5.3.18-150200.24.191.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1
kernel-preempt: before 5.3.18-150200.24.191.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
ocfs2-kmp-default: before 5.3.18-150200.24.191.1
dlm-kmp-default: before 5.3.18-150200.24.191.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
gfs2-kmp-default: before 5.3.18-150200.24.191.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default: before 5.3.18-150200.24.191.1
kernel-default-debugsource: before 5.3.18-150200.24.191.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1
kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1
kernel-default-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-livepatch: before 5.3.18-150200.24.191.1
kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1
kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1
kernel-default: before 5.3.18-150200.24.191.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_business_critical_linux:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-docs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-source:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-macros:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-syms:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-sle15-sp2_update_48-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) NULL pointer dereference
EUVDB-ID: #VU90587
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47184
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the i40e_sync_filters_subtask() and i40e_vsi_release() functions in drivers/net/ethernet/intel/i40e/i40e_main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
reiserfs-kmp-default: before 5.3.18-150200.24.191.1
kernel-docs: before 5.3.18-150200.24.191.1
kernel-devel: before 5.3.18-150200.24.191.1
kernel-source: before 5.3.18-150200.24.191.1
kernel-macros: before 5.3.18-150200.24.191.1
kernel-preempt-devel: before 5.3.18-150200.24.191.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-devel: before 5.3.18-150200.24.191.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1
kernel-preempt-debugsource: before 5.3.18-150200.24.191.1
kernel-syms: before 5.3.18-150200.24.191.1
kernel-obs-build: before 5.3.18-150200.24.191.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1
kernel-preempt: before 5.3.18-150200.24.191.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
ocfs2-kmp-default: before 5.3.18-150200.24.191.1
dlm-kmp-default: before 5.3.18-150200.24.191.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
gfs2-kmp-default: before 5.3.18-150200.24.191.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default: before 5.3.18-150200.24.191.1
kernel-default-debugsource: before 5.3.18-150200.24.191.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1
kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1
kernel-default-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-livepatch: before 5.3.18-150200.24.191.1
kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1
kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1
kernel-default: before 5.3.18-150200.24.191.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_business_critical_linux:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-docs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-source:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-macros:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-syms:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-sle15-sp2_update_48-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Improper locking
EUVDB-ID: #VU91528
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47185
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the flush_to_ldisc() function in drivers/tty/tty_buffer.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
reiserfs-kmp-default: before 5.3.18-150200.24.191.1
kernel-docs: before 5.3.18-150200.24.191.1
kernel-devel: before 5.3.18-150200.24.191.1
kernel-source: before 5.3.18-150200.24.191.1
kernel-macros: before 5.3.18-150200.24.191.1
kernel-preempt-devel: before 5.3.18-150200.24.191.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-devel: before 5.3.18-150200.24.191.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1
kernel-preempt-debugsource: before 5.3.18-150200.24.191.1
kernel-syms: before 5.3.18-150200.24.191.1
kernel-obs-build: before 5.3.18-150200.24.191.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1
kernel-preempt: before 5.3.18-150200.24.191.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
ocfs2-kmp-default: before 5.3.18-150200.24.191.1
dlm-kmp-default: before 5.3.18-150200.24.191.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
gfs2-kmp-default: before 5.3.18-150200.24.191.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default: before 5.3.18-150200.24.191.1
kernel-default-debugsource: before 5.3.18-150200.24.191.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1
kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1
kernel-default-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-livepatch: before 5.3.18-150200.24.191.1
kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1
kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1
kernel-default: before 5.3.18-150200.24.191.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_business_critical_linux:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-docs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-source:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-macros:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-syms:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-sle15-sp2_update_48-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Improper initialization
EUVDB-ID: #VU92392
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47194
CWE-ID:
CWE-665 - Improper Initialization
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to improper initialization error within the cfg80211_change_iface() function in net/wireless/util.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
reiserfs-kmp-default: before 5.3.18-150200.24.191.1
kernel-docs: before 5.3.18-150200.24.191.1
kernel-devel: before 5.3.18-150200.24.191.1
kernel-source: before 5.3.18-150200.24.191.1
kernel-macros: before 5.3.18-150200.24.191.1
kernel-preempt-devel: before 5.3.18-150200.24.191.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-devel: before 5.3.18-150200.24.191.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1
kernel-preempt-debugsource: before 5.3.18-150200.24.191.1
kernel-syms: before 5.3.18-150200.24.191.1
kernel-obs-build: before 5.3.18-150200.24.191.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1
kernel-preempt: before 5.3.18-150200.24.191.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
ocfs2-kmp-default: before 5.3.18-150200.24.191.1
dlm-kmp-default: before 5.3.18-150200.24.191.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
gfs2-kmp-default: before 5.3.18-150200.24.191.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default: before 5.3.18-150200.24.191.1
kernel-default-debugsource: before 5.3.18-150200.24.191.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1
kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1
kernel-default-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-livepatch: before 5.3.18-150200.24.191.1
kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1
kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1
kernel-default: before 5.3.18-150200.24.191.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_business_critical_linux:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-docs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-source:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-macros:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-syms:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-sle15-sp2_update_48-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Use-after-free
EUVDB-ID: #VU90208
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47198
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the lpfc_mbx_cmpl_fc_reg_login() function in drivers/scsi/lpfc/lpfc_hbadisc.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
reiserfs-kmp-default: before 5.3.18-150200.24.191.1
kernel-docs: before 5.3.18-150200.24.191.1
kernel-devel: before 5.3.18-150200.24.191.1
kernel-source: before 5.3.18-150200.24.191.1
kernel-macros: before 5.3.18-150200.24.191.1
kernel-preempt-devel: before 5.3.18-150200.24.191.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-devel: before 5.3.18-150200.24.191.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1
kernel-preempt-debugsource: before 5.3.18-150200.24.191.1
kernel-syms: before 5.3.18-150200.24.191.1
kernel-obs-build: before 5.3.18-150200.24.191.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1
kernel-preempt: before 5.3.18-150200.24.191.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
ocfs2-kmp-default: before 5.3.18-150200.24.191.1
dlm-kmp-default: before 5.3.18-150200.24.191.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
gfs2-kmp-default: before 5.3.18-150200.24.191.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default: before 5.3.18-150200.24.191.1
kernel-default-debugsource: before 5.3.18-150200.24.191.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1
kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1
kernel-default-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-livepatch: before 5.3.18-150200.24.191.1
kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1
kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1
kernel-default: before 5.3.18-150200.24.191.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_business_critical_linux:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-docs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-source:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-macros:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-syms:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-sle15-sp2_update_48-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Resource management error
EUVDB-ID: #VU92971
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47201
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the iavf_disable_vf() function in drivers/net/ethernet/intel/iavf/iavf_main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
reiserfs-kmp-default: before 5.3.18-150200.24.191.1
kernel-docs: before 5.3.18-150200.24.191.1
kernel-devel: before 5.3.18-150200.24.191.1
kernel-source: before 5.3.18-150200.24.191.1
kernel-macros: before 5.3.18-150200.24.191.1
kernel-preempt-devel: before 5.3.18-150200.24.191.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-devel: before 5.3.18-150200.24.191.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1
kernel-preempt-debugsource: before 5.3.18-150200.24.191.1
kernel-syms: before 5.3.18-150200.24.191.1
kernel-obs-build: before 5.3.18-150200.24.191.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1
kernel-preempt: before 5.3.18-150200.24.191.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
ocfs2-kmp-default: before 5.3.18-150200.24.191.1
dlm-kmp-default: before 5.3.18-150200.24.191.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
gfs2-kmp-default: before 5.3.18-150200.24.191.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default: before 5.3.18-150200.24.191.1
kernel-default-debugsource: before 5.3.18-150200.24.191.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1
kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1
kernel-default-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-livepatch: before 5.3.18-150200.24.191.1
kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1
kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1
kernel-default: before 5.3.18-150200.24.191.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_business_critical_linux:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-docs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-source:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-macros:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-syms:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-sle15-sp2_update_48-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Buffer overflow
EUVDB-ID: #VU93156
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47203
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the lpfc_drain_txq() function in drivers/scsi/lpfc/lpfc_sli.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
reiserfs-kmp-default: before 5.3.18-150200.24.191.1
kernel-docs: before 5.3.18-150200.24.191.1
kernel-devel: before 5.3.18-150200.24.191.1
kernel-source: before 5.3.18-150200.24.191.1
kernel-macros: before 5.3.18-150200.24.191.1
kernel-preempt-devel: before 5.3.18-150200.24.191.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-devel: before 5.3.18-150200.24.191.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1
kernel-preempt-debugsource: before 5.3.18-150200.24.191.1
kernel-syms: before 5.3.18-150200.24.191.1
kernel-obs-build: before 5.3.18-150200.24.191.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1
kernel-preempt: before 5.3.18-150200.24.191.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
ocfs2-kmp-default: before 5.3.18-150200.24.191.1
dlm-kmp-default: before 5.3.18-150200.24.191.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
gfs2-kmp-default: before 5.3.18-150200.24.191.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default: before 5.3.18-150200.24.191.1
kernel-default-debugsource: before 5.3.18-150200.24.191.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1
kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1
kernel-default-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-livepatch: before 5.3.18-150200.24.191.1
kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1
kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1
kernel-default: before 5.3.18-150200.24.191.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_business_critical_linux:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-docs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-source:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-macros:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-syms:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-sle15-sp2_update_48-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) NULL pointer dereference
EUVDB-ID: #VU92072
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47206
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ohci_hcd_tmio_drv_probe() function in drivers/usb/host/ohci-tmio.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
reiserfs-kmp-default: before 5.3.18-150200.24.191.1
kernel-docs: before 5.3.18-150200.24.191.1
kernel-devel: before 5.3.18-150200.24.191.1
kernel-source: before 5.3.18-150200.24.191.1
kernel-macros: before 5.3.18-150200.24.191.1
kernel-preempt-devel: before 5.3.18-150200.24.191.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-devel: before 5.3.18-150200.24.191.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1
kernel-preempt-debugsource: before 5.3.18-150200.24.191.1
kernel-syms: before 5.3.18-150200.24.191.1
kernel-obs-build: before 5.3.18-150200.24.191.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1
kernel-preempt: before 5.3.18-150200.24.191.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
ocfs2-kmp-default: before 5.3.18-150200.24.191.1
dlm-kmp-default: before 5.3.18-150200.24.191.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
gfs2-kmp-default: before 5.3.18-150200.24.191.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default: before 5.3.18-150200.24.191.1
kernel-default-debugsource: before 5.3.18-150200.24.191.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1
kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1
kernel-default-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-livepatch: before 5.3.18-150200.24.191.1
kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1
kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1
kernel-default: before 5.3.18-150200.24.191.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_business_critical_linux:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-docs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-source:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-macros:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-syms:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-sle15-sp2_update_48-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) NULL pointer dereference
EUVDB-ID: #VU90583
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47207
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the snd_gf1_dma_interrupt() function in sound/isa/gus/gus_dma.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
reiserfs-kmp-default: before 5.3.18-150200.24.191.1
kernel-docs: before 5.3.18-150200.24.191.1
kernel-devel: before 5.3.18-150200.24.191.1
kernel-source: before 5.3.18-150200.24.191.1
kernel-macros: before 5.3.18-150200.24.191.1
kernel-preempt-devel: before 5.3.18-150200.24.191.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-devel: before 5.3.18-150200.24.191.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1
kernel-preempt-debugsource: before 5.3.18-150200.24.191.1
kernel-syms: before 5.3.18-150200.24.191.1
kernel-obs-build: before 5.3.18-150200.24.191.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1
kernel-preempt: before 5.3.18-150200.24.191.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
ocfs2-kmp-default: before 5.3.18-150200.24.191.1
dlm-kmp-default: before 5.3.18-150200.24.191.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
gfs2-kmp-default: before 5.3.18-150200.24.191.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default: before 5.3.18-150200.24.191.1
kernel-default-debugsource: before 5.3.18-150200.24.191.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1
kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1
kernel-default-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-livepatch: before 5.3.18-150200.24.191.1
kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1
kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1
kernel-default: before 5.3.18-150200.24.191.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_business_critical_linux:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-docs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-source:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-macros:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-syms:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-sle15-sp2_update_48-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Error Handling
EUVDB-ID: #VU89241
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-47212
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect error handling within the mlx5_internal_err_ret_value() function in drivers/net/ethernet/mellanox/mlx5/core/cmd.c. A local user can perform a denial of service (DoS) attack.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
reiserfs-kmp-default: before 5.3.18-150200.24.191.1
kernel-docs: before 5.3.18-150200.24.191.1
kernel-devel: before 5.3.18-150200.24.191.1
kernel-source: before 5.3.18-150200.24.191.1
kernel-macros: before 5.3.18-150200.24.191.1
kernel-preempt-devel: before 5.3.18-150200.24.191.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-devel: before 5.3.18-150200.24.191.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1
kernel-preempt-debugsource: before 5.3.18-150200.24.191.1
kernel-syms: before 5.3.18-150200.24.191.1
kernel-obs-build: before 5.3.18-150200.24.191.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1
kernel-preempt: before 5.3.18-150200.24.191.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
ocfs2-kmp-default: before 5.3.18-150200.24.191.1
dlm-kmp-default: before 5.3.18-150200.24.191.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
gfs2-kmp-default: before 5.3.18-150200.24.191.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default: before 5.3.18-150200.24.191.1
kernel-default-debugsource: before 5.3.18-150200.24.191.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1
kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1
kernel-default-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-livepatch: before 5.3.18-150200.24.191.1
kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1
kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1
kernel-default: before 5.3.18-150200.24.191.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_business_critical_linux:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-docs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-source:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-macros:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-syms:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-sle15-sp2_update_48-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Improper locking
EUVDB-ID: #VU92033
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48631
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __ext4_ext_check() function in fs/ext4/extents.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
reiserfs-kmp-default: before 5.3.18-150200.24.191.1
kernel-docs: before 5.3.18-150200.24.191.1
kernel-devel: before 5.3.18-150200.24.191.1
kernel-source: before 5.3.18-150200.24.191.1
kernel-macros: before 5.3.18-150200.24.191.1
kernel-preempt-devel: before 5.3.18-150200.24.191.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-devel: before 5.3.18-150200.24.191.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1
kernel-preempt-debugsource: before 5.3.18-150200.24.191.1
kernel-syms: before 5.3.18-150200.24.191.1
kernel-obs-build: before 5.3.18-150200.24.191.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1
kernel-preempt: before 5.3.18-150200.24.191.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
ocfs2-kmp-default: before 5.3.18-150200.24.191.1
dlm-kmp-default: before 5.3.18-150200.24.191.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
gfs2-kmp-default: before 5.3.18-150200.24.191.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default: before 5.3.18-150200.24.191.1
kernel-default-debugsource: before 5.3.18-150200.24.191.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1
kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1
kernel-default-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-livepatch: before 5.3.18-150200.24.191.1
kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1
kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1
kernel-default: before 5.3.18-150200.24.191.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_business_critical_linux:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-docs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-source:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-macros:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-syms:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-sle15-sp2_update_48-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) Out-of-bounds read
EUVDB-ID: #VU89680
Risk: Medium
CVSSv4.0: 1.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-48651
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in drivers/net/ipvlan/ipvlan_core.c. A remote attacker on the local network can send specially crafted packets to the system, trigger an out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
reiserfs-kmp-default: before 5.3.18-150200.24.191.1
kernel-docs: before 5.3.18-150200.24.191.1
kernel-devel: before 5.3.18-150200.24.191.1
kernel-source: before 5.3.18-150200.24.191.1
kernel-macros: before 5.3.18-150200.24.191.1
kernel-preempt-devel: before 5.3.18-150200.24.191.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-devel: before 5.3.18-150200.24.191.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1
kernel-preempt-debugsource: before 5.3.18-150200.24.191.1
kernel-syms: before 5.3.18-150200.24.191.1
kernel-obs-build: before 5.3.18-150200.24.191.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1
kernel-preempt: before 5.3.18-150200.24.191.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
ocfs2-kmp-default: before 5.3.18-150200.24.191.1
dlm-kmp-default: before 5.3.18-150200.24.191.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
gfs2-kmp-default: before 5.3.18-150200.24.191.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default: before 5.3.18-150200.24.191.1
kernel-default-debugsource: before 5.3.18-150200.24.191.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1
kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1
kernel-default-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-livepatch: before 5.3.18-150200.24.191.1
kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1
kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1
kernel-default: before 5.3.18-150200.24.191.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_business_critical_linux:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-docs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-source:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-macros:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-syms:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-sle15-sp2_update_48-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
17) Memory leak
EUVDB-ID: #VU91645
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48654
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to memory leak within the nf_osf_find() function in net/netfilter/nfnetlink_osf.c. A local user can gain access to sensitive information.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
reiserfs-kmp-default: before 5.3.18-150200.24.191.1
kernel-docs: before 5.3.18-150200.24.191.1
kernel-devel: before 5.3.18-150200.24.191.1
kernel-source: before 5.3.18-150200.24.191.1
kernel-macros: before 5.3.18-150200.24.191.1
kernel-preempt-devel: before 5.3.18-150200.24.191.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-devel: before 5.3.18-150200.24.191.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1
kernel-preempt-debugsource: before 5.3.18-150200.24.191.1
kernel-syms: before 5.3.18-150200.24.191.1
kernel-obs-build: before 5.3.18-150200.24.191.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1
kernel-preempt: before 5.3.18-150200.24.191.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
ocfs2-kmp-default: before 5.3.18-150200.24.191.1
dlm-kmp-default: before 5.3.18-150200.24.191.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
gfs2-kmp-default: before 5.3.18-150200.24.191.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default: before 5.3.18-150200.24.191.1
kernel-default-debugsource: before 5.3.18-150200.24.191.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1
kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1
kernel-default-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-livepatch: before 5.3.18-150200.24.191.1
kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1
kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1
kernel-default: before 5.3.18-150200.24.191.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_business_critical_linux:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-docs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-source:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-macros:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-syms:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-sle15-sp2_update_48-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
18) Out-of-bounds read
EUVDB-ID: #VU90314
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48687
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to an out-of-bounds read error within the seg6_genl_sethmac() function in net/ipv6/seg6.c. A local user can gain access to sensitive information.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
reiserfs-kmp-default: before 5.3.18-150200.24.191.1
kernel-docs: before 5.3.18-150200.24.191.1
kernel-devel: before 5.3.18-150200.24.191.1
kernel-source: before 5.3.18-150200.24.191.1
kernel-macros: before 5.3.18-150200.24.191.1
kernel-preempt-devel: before 5.3.18-150200.24.191.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-devel: before 5.3.18-150200.24.191.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1
kernel-preempt-debugsource: before 5.3.18-150200.24.191.1
kernel-syms: before 5.3.18-150200.24.191.1
kernel-obs-build: before 5.3.18-150200.24.191.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1
kernel-preempt: before 5.3.18-150200.24.191.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
ocfs2-kmp-default: before 5.3.18-150200.24.191.1
dlm-kmp-default: before 5.3.18-150200.24.191.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
gfs2-kmp-default: before 5.3.18-150200.24.191.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default: before 5.3.18-150200.24.191.1
kernel-default-debugsource: before 5.3.18-150200.24.191.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1
kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1
kernel-default-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-livepatch: before 5.3.18-150200.24.191.1
kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1
kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1
kernel-default: before 5.3.18-150200.24.191.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_business_critical_linux:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-docs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-source:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-macros:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-syms:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-sle15-sp2_update_48-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
19) Out-of-bounds read
EUVDB-ID: #VU78675
Risk: Low
CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-2860
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition within the SR-IPv6 implementation when processing seg6 attributes. A local user can trigger an out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
reiserfs-kmp-default: before 5.3.18-150200.24.191.1
kernel-docs: before 5.3.18-150200.24.191.1
kernel-devel: before 5.3.18-150200.24.191.1
kernel-source: before 5.3.18-150200.24.191.1
kernel-macros: before 5.3.18-150200.24.191.1
kernel-preempt-devel: before 5.3.18-150200.24.191.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-devel: before 5.3.18-150200.24.191.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1
kernel-preempt-debugsource: before 5.3.18-150200.24.191.1
kernel-syms: before 5.3.18-150200.24.191.1
kernel-obs-build: before 5.3.18-150200.24.191.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1
kernel-preempt: before 5.3.18-150200.24.191.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
ocfs2-kmp-default: before 5.3.18-150200.24.191.1
dlm-kmp-default: before 5.3.18-150200.24.191.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
gfs2-kmp-default: before 5.3.18-150200.24.191.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default: before 5.3.18-150200.24.191.1
kernel-default-debugsource: before 5.3.18-150200.24.191.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1
kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1
kernel-default-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-livepatch: before 5.3.18-150200.24.191.1
kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1
kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1
kernel-default: before 5.3.18-150200.24.191.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_business_critical_linux:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-docs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-source:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-macros:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-syms:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-sle15-sp2_update_48-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
20) Use-after-free
EUVDB-ID: #VU91599
Risk: Low
CVSSv4.0: 4.4 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-6270
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the aoecmd_cfg_pkts() function in the ATA over Ethernet (AoE) driver. A local user can trigger a use-after-free error and escalate privileges on the system.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
reiserfs-kmp-default: before 5.3.18-150200.24.191.1
kernel-docs: before 5.3.18-150200.24.191.1
kernel-devel: before 5.3.18-150200.24.191.1
kernel-source: before 5.3.18-150200.24.191.1
kernel-macros: before 5.3.18-150200.24.191.1
kernel-preempt-devel: before 5.3.18-150200.24.191.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-devel: before 5.3.18-150200.24.191.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1
kernel-preempt-debugsource: before 5.3.18-150200.24.191.1
kernel-syms: before 5.3.18-150200.24.191.1
kernel-obs-build: before 5.3.18-150200.24.191.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1
kernel-preempt: before 5.3.18-150200.24.191.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
ocfs2-kmp-default: before 5.3.18-150200.24.191.1
dlm-kmp-default: before 5.3.18-150200.24.191.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
gfs2-kmp-default: before 5.3.18-150200.24.191.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default: before 5.3.18-150200.24.191.1
kernel-default-debugsource: before 5.3.18-150200.24.191.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1
kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1
kernel-default-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-livepatch: before 5.3.18-150200.24.191.1
kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1
kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1
kernel-default: before 5.3.18-150200.24.191.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_business_critical_linux:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-docs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-source:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-macros:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-syms:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-sle15-sp2_update_48-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
21) Improper locking
EUVDB-ID: #VU88894
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-0639
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service attack.
The vulnerability exists due to improper locking within the sctp_auto_asconf_init() function in net/sctp/socket.c. A local user can crash the kernel.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
reiserfs-kmp-default: before 5.3.18-150200.24.191.1
kernel-docs: before 5.3.18-150200.24.191.1
kernel-devel: before 5.3.18-150200.24.191.1
kernel-source: before 5.3.18-150200.24.191.1
kernel-macros: before 5.3.18-150200.24.191.1
kernel-preempt-devel: before 5.3.18-150200.24.191.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-devel: before 5.3.18-150200.24.191.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1
kernel-preempt-debugsource: before 5.3.18-150200.24.191.1
kernel-syms: before 5.3.18-150200.24.191.1
kernel-obs-build: before 5.3.18-150200.24.191.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1
kernel-preempt: before 5.3.18-150200.24.191.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
ocfs2-kmp-default: before 5.3.18-150200.24.191.1
dlm-kmp-default: before 5.3.18-150200.24.191.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
gfs2-kmp-default: before 5.3.18-150200.24.191.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default: before 5.3.18-150200.24.191.1
kernel-default-debugsource: before 5.3.18-150200.24.191.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1
kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1
kernel-default-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-livepatch: before 5.3.18-150200.24.191.1
kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1
kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1
kernel-default: before 5.3.18-150200.24.191.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_business_critical_linux:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-docs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-source:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-macros:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-syms:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-sle15-sp2_update_48-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
22) NULL pointer dereference
EUVDB-ID: #VU89389
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-0841
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the hugetlbfs_fill_super() function in the Linux kernel hugetlbfs (HugeTLB pages) functionality. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
reiserfs-kmp-default: before 5.3.18-150200.24.191.1
kernel-docs: before 5.3.18-150200.24.191.1
kernel-devel: before 5.3.18-150200.24.191.1
kernel-source: before 5.3.18-150200.24.191.1
kernel-macros: before 5.3.18-150200.24.191.1
kernel-preempt-devel: before 5.3.18-150200.24.191.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-devel: before 5.3.18-150200.24.191.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1
kernel-preempt-debugsource: before 5.3.18-150200.24.191.1
kernel-syms: before 5.3.18-150200.24.191.1
kernel-obs-build: before 5.3.18-150200.24.191.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1
kernel-preempt: before 5.3.18-150200.24.191.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
ocfs2-kmp-default: before 5.3.18-150200.24.191.1
dlm-kmp-default: before 5.3.18-150200.24.191.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
gfs2-kmp-default: before 5.3.18-150200.24.191.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default: before 5.3.18-150200.24.191.1
kernel-default-debugsource: before 5.3.18-150200.24.191.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1
kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1
kernel-default-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-livepatch: before 5.3.18-150200.24.191.1
kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1
kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1
kernel-default: before 5.3.18-150200.24.191.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_business_critical_linux:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-docs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-source:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-macros:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-syms:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-sle15-sp2_update_48-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
23) NULL pointer dereference
EUVDB-ID: #VU87192
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-22099
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the rfcomm_check_security() function in /net/bluetooth/rfcomm/core.c. A local user can pass specially crafted data to the application and perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
reiserfs-kmp-default: before 5.3.18-150200.24.191.1
kernel-docs: before 5.3.18-150200.24.191.1
kernel-devel: before 5.3.18-150200.24.191.1
kernel-source: before 5.3.18-150200.24.191.1
kernel-macros: before 5.3.18-150200.24.191.1
kernel-preempt-devel: before 5.3.18-150200.24.191.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-devel: before 5.3.18-150200.24.191.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1
kernel-preempt-debugsource: before 5.3.18-150200.24.191.1
kernel-syms: before 5.3.18-150200.24.191.1
kernel-obs-build: before 5.3.18-150200.24.191.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1
kernel-preempt: before 5.3.18-150200.24.191.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
ocfs2-kmp-default: before 5.3.18-150200.24.191.1
dlm-kmp-default: before 5.3.18-150200.24.191.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
gfs2-kmp-default: before 5.3.18-150200.24.191.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default: before 5.3.18-150200.24.191.1
kernel-default-debugsource: before 5.3.18-150200.24.191.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1
kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1
kernel-default-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-livepatch: before 5.3.18-150200.24.191.1
kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1
kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1
kernel-default: before 5.3.18-150200.24.191.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_business_critical_linux:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-docs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-source:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-macros:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-syms:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-sle15-sp2_update_48-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
24) Integer overflow
EUVDB-ID: #VU88102
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-23307
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to integer overflow in raid5_cache_count() function. A local user can trigger an integer overflow and execute arbitrary code with elevated privileges.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
reiserfs-kmp-default: before 5.3.18-150200.24.191.1
kernel-docs: before 5.3.18-150200.24.191.1
kernel-devel: before 5.3.18-150200.24.191.1
kernel-source: before 5.3.18-150200.24.191.1
kernel-macros: before 5.3.18-150200.24.191.1
kernel-preempt-devel: before 5.3.18-150200.24.191.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-devel: before 5.3.18-150200.24.191.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1
kernel-preempt-debugsource: before 5.3.18-150200.24.191.1
kernel-syms: before 5.3.18-150200.24.191.1
kernel-obs-build: before 5.3.18-150200.24.191.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1
kernel-preempt: before 5.3.18-150200.24.191.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
ocfs2-kmp-default: before 5.3.18-150200.24.191.1
dlm-kmp-default: before 5.3.18-150200.24.191.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
gfs2-kmp-default: before 5.3.18-150200.24.191.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default: before 5.3.18-150200.24.191.1
kernel-default-debugsource: before 5.3.18-150200.24.191.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1
kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1
kernel-default-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-livepatch: before 5.3.18-150200.24.191.1
kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1
kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1
kernel-default: before 5.3.18-150200.24.191.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_business_critical_linux:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-docs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-source:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-macros:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-syms:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-sle15-sp2_update_48-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
25) NULL pointer dereference
EUVDB-ID: #VU90603
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26688
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hugetlbfs_parse_param() function in fs/hugetlbfs/inode.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
reiserfs-kmp-default: before 5.3.18-150200.24.191.1
kernel-docs: before 5.3.18-150200.24.191.1
kernel-devel: before 5.3.18-150200.24.191.1
kernel-source: before 5.3.18-150200.24.191.1
kernel-macros: before 5.3.18-150200.24.191.1
kernel-preempt-devel: before 5.3.18-150200.24.191.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-devel: before 5.3.18-150200.24.191.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1
kernel-preempt-debugsource: before 5.3.18-150200.24.191.1
kernel-syms: before 5.3.18-150200.24.191.1
kernel-obs-build: before 5.3.18-150200.24.191.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1
kernel-preempt: before 5.3.18-150200.24.191.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
ocfs2-kmp-default: before 5.3.18-150200.24.191.1
dlm-kmp-default: before 5.3.18-150200.24.191.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
gfs2-kmp-default: before 5.3.18-150200.24.191.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default: before 5.3.18-150200.24.191.1
kernel-default-debugsource: before 5.3.18-150200.24.191.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1
kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1
kernel-default-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-livepatch: before 5.3.18-150200.24.191.1
kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1
kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1
kernel-default: before 5.3.18-150200.24.191.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_business_critical_linux:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-docs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-source:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-macros:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-syms:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-sle15-sp2_update_48-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
26) Use-after-free
EUVDB-ID: #VU90220
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26689
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the __prep_cap() and __send_cap() functions in fs/ceph/caps.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
reiserfs-kmp-default: before 5.3.18-150200.24.191.1
kernel-docs: before 5.3.18-150200.24.191.1
kernel-devel: before 5.3.18-150200.24.191.1
kernel-source: before 5.3.18-150200.24.191.1
kernel-macros: before 5.3.18-150200.24.191.1
kernel-preempt-devel: before 5.3.18-150200.24.191.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-devel: before 5.3.18-150200.24.191.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1
kernel-preempt-debugsource: before 5.3.18-150200.24.191.1
kernel-syms: before 5.3.18-150200.24.191.1
kernel-obs-build: before 5.3.18-150200.24.191.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1
kernel-preempt: before 5.3.18-150200.24.191.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
ocfs2-kmp-default: before 5.3.18-150200.24.191.1
dlm-kmp-default: before 5.3.18-150200.24.191.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
gfs2-kmp-default: before 5.3.18-150200.24.191.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default: before 5.3.18-150200.24.191.1
kernel-default-debugsource: before 5.3.18-150200.24.191.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1
kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1
kernel-default-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-livepatch: before 5.3.18-150200.24.191.1
kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1
kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1
kernel-default: before 5.3.18-150200.24.191.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_business_critical_linux:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-docs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-source:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-macros:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-syms:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-sle15-sp2_update_48-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
27) Buffer overflow
EUVDB-ID: #VU92952
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26733
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the arp_req_get() function in net/ipv4/arp.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
reiserfs-kmp-default: before 5.3.18-150200.24.191.1
kernel-docs: before 5.3.18-150200.24.191.1
kernel-devel: before 5.3.18-150200.24.191.1
kernel-source: before 5.3.18-150200.24.191.1
kernel-macros: before 5.3.18-150200.24.191.1
kernel-preempt-devel: before 5.3.18-150200.24.191.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-devel: before 5.3.18-150200.24.191.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1
kernel-preempt-debugsource: before 5.3.18-150200.24.191.1
kernel-syms: before 5.3.18-150200.24.191.1
kernel-obs-build: before 5.3.18-150200.24.191.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1
kernel-preempt: before 5.3.18-150200.24.191.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
ocfs2-kmp-default: before 5.3.18-150200.24.191.1
dlm-kmp-default: before 5.3.18-150200.24.191.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
gfs2-kmp-default: before 5.3.18-150200.24.191.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default: before 5.3.18-150200.24.191.1
kernel-default-debugsource: before 5.3.18-150200.24.191.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1
kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1
kernel-default-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-livepatch: before 5.3.18-150200.24.191.1
kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1
kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1
kernel-default: before 5.3.18-150200.24.191.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_business_critical_linux:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-docs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-source:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-macros:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-syms:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-sle15-sp2_update_48-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
28) Use-after-free
EUVDB-ID: #VU90214
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26739
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the tcf_mirred_to_dev() function in net/sched/act_mirred.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
reiserfs-kmp-default: before 5.3.18-150200.24.191.1
kernel-docs: before 5.3.18-150200.24.191.1
kernel-devel: before 5.3.18-150200.24.191.1
kernel-source: before 5.3.18-150200.24.191.1
kernel-macros: before 5.3.18-150200.24.191.1
kernel-preempt-devel: before 5.3.18-150200.24.191.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-devel: before 5.3.18-150200.24.191.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1
kernel-preempt-debugsource: before 5.3.18-150200.24.191.1
kernel-syms: before 5.3.18-150200.24.191.1
kernel-obs-build: before 5.3.18-150200.24.191.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1
kernel-preempt: before 5.3.18-150200.24.191.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
ocfs2-kmp-default: before 5.3.18-150200.24.191.1
dlm-kmp-default: before 5.3.18-150200.24.191.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
gfs2-kmp-default: before 5.3.18-150200.24.191.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default: before 5.3.18-150200.24.191.1
kernel-default-debugsource: before 5.3.18-150200.24.191.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1
kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1
kernel-default-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-livepatch: before 5.3.18-150200.24.191.1
kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1
kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1
kernel-default: before 5.3.18-150200.24.191.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_business_critical_linux:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-docs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-source:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-macros:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-syms:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-sle15-sp2_update_48-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
29) NULL pointer dereference
EUVDB-ID: #VU90596
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26744
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the module_param() function in drivers/infiniband/ulp/srpt/ib_srpt.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
reiserfs-kmp-default: before 5.3.18-150200.24.191.1
kernel-docs: before 5.3.18-150200.24.191.1
kernel-devel: before 5.3.18-150200.24.191.1
kernel-source: before 5.3.18-150200.24.191.1
kernel-macros: before 5.3.18-150200.24.191.1
kernel-preempt-devel: before 5.3.18-150200.24.191.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-devel: before 5.3.18-150200.24.191.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1
kernel-preempt-debugsource: before 5.3.18-150200.24.191.1
kernel-syms: before 5.3.18-150200.24.191.1
kernel-obs-build: before 5.3.18-150200.24.191.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1
kernel-preempt: before 5.3.18-150200.24.191.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
ocfs2-kmp-default: before 5.3.18-150200.24.191.1
dlm-kmp-default: before 5.3.18-150200.24.191.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
gfs2-kmp-default: before 5.3.18-150200.24.191.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default: before 5.3.18-150200.24.191.1
kernel-default-debugsource: before 5.3.18-150200.24.191.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1
kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1
kernel-default-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-livepatch: before 5.3.18-150200.24.191.1
kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1
kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1
kernel-default: before 5.3.18-150200.24.191.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_business_critical_linux:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-docs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-source:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-macros:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-syms:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-sle15-sp2_update_48-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
30) Memory leak
EUVDB-ID: #VU91650
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26816
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the print_absolute_relocs() function in arch/x86/tools/relocs.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
reiserfs-kmp-default: before 5.3.18-150200.24.191.1
kernel-docs: before 5.3.18-150200.24.191.1
kernel-devel: before 5.3.18-150200.24.191.1
kernel-source: before 5.3.18-150200.24.191.1
kernel-macros: before 5.3.18-150200.24.191.1
kernel-preempt-devel: before 5.3.18-150200.24.191.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-devel: before 5.3.18-150200.24.191.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1
kernel-preempt-debugsource: before 5.3.18-150200.24.191.1
kernel-syms: before 5.3.18-150200.24.191.1
kernel-obs-build: before 5.3.18-150200.24.191.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1
kernel-preempt: before 5.3.18-150200.24.191.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
ocfs2-kmp-default: before 5.3.18-150200.24.191.1
dlm-kmp-default: before 5.3.18-150200.24.191.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
gfs2-kmp-default: before 5.3.18-150200.24.191.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default: before 5.3.18-150200.24.191.1
kernel-default-debugsource: before 5.3.18-150200.24.191.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1
kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1
kernel-default-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-livepatch: before 5.3.18-150200.24.191.1
kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1
kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1
kernel-default: before 5.3.18-150200.24.191.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_business_critical_linux:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-docs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-source:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-macros:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-syms:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-sle15-sp2_update_48-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
31) Memory leak
EUVDB-ID: #VU90005
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26840
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the kmem_cache_free() and cachefiles_daemon_unbind() functions in fs/cachefiles/bind.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
reiserfs-kmp-default: before 5.3.18-150200.24.191.1
kernel-docs: before 5.3.18-150200.24.191.1
kernel-devel: before 5.3.18-150200.24.191.1
kernel-source: before 5.3.18-150200.24.191.1
kernel-macros: before 5.3.18-150200.24.191.1
kernel-preempt-devel: before 5.3.18-150200.24.191.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-devel: before 5.3.18-150200.24.191.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1
kernel-preempt-debugsource: before 5.3.18-150200.24.191.1
kernel-syms: before 5.3.18-150200.24.191.1
kernel-obs-build: before 5.3.18-150200.24.191.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1
kernel-preempt: before 5.3.18-150200.24.191.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
ocfs2-kmp-default: before 5.3.18-150200.24.191.1
dlm-kmp-default: before 5.3.18-150200.24.191.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
gfs2-kmp-default: before 5.3.18-150200.24.191.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default: before 5.3.18-150200.24.191.1
kernel-default-debugsource: before 5.3.18-150200.24.191.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1
kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1
kernel-default-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-livepatch: before 5.3.18-150200.24.191.1
kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1
kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1
kernel-default: before 5.3.18-150200.24.191.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_business_critical_linux:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-docs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-source:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-macros:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-syms:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-sle15-sp2_update_48-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
32) Use-after-free
EUVDB-ID: #VU90194
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26852
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ip6_route_multipath_add() and list_for_each_entry_safe() functions in net/ipv6/route.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
reiserfs-kmp-default: before 5.3.18-150200.24.191.1
kernel-docs: before 5.3.18-150200.24.191.1
kernel-devel: before 5.3.18-150200.24.191.1
kernel-source: before 5.3.18-150200.24.191.1
kernel-macros: before 5.3.18-150200.24.191.1
kernel-preempt-devel: before 5.3.18-150200.24.191.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-devel: before 5.3.18-150200.24.191.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1
kernel-preempt-debugsource: before 5.3.18-150200.24.191.1
kernel-syms: before 5.3.18-150200.24.191.1
kernel-obs-build: before 5.3.18-150200.24.191.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1
kernel-preempt: before 5.3.18-150200.24.191.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
ocfs2-kmp-default: before 5.3.18-150200.24.191.1
dlm-kmp-default: before 5.3.18-150200.24.191.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
gfs2-kmp-default: before 5.3.18-150200.24.191.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default: before 5.3.18-150200.24.191.1
kernel-default-debugsource: before 5.3.18-150200.24.191.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1
kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1
kernel-default-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-livepatch: before 5.3.18-150200.24.191.1
kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1
kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1
kernel-default: before 5.3.18-150200.24.191.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_business_critical_linux:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-docs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-source:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-macros:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-syms:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-sle15-sp2_update_48-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
33) Race condition within a thread
EUVDB-ID: #VU91434
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26862
CWE-ID:
CWE-366 - Race Condition within a Thread
Exploit availability: No
DescriptionThe vulnerability allows a local user to manipulate data.
The vulnerability exists due to a data race within the packet_setsockopt() and packet_getsockopt() functions in net/packet/af_packet.c, within the dev_queue_xmit_nit() function in net/core/dev.c. A local user can manipulate data.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
reiserfs-kmp-default: before 5.3.18-150200.24.191.1
kernel-docs: before 5.3.18-150200.24.191.1
kernel-devel: before 5.3.18-150200.24.191.1
kernel-source: before 5.3.18-150200.24.191.1
kernel-macros: before 5.3.18-150200.24.191.1
kernel-preempt-devel: before 5.3.18-150200.24.191.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-devel: before 5.3.18-150200.24.191.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1
kernel-preempt-debugsource: before 5.3.18-150200.24.191.1
kernel-syms: before 5.3.18-150200.24.191.1
kernel-obs-build: before 5.3.18-150200.24.191.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1
kernel-preempt: before 5.3.18-150200.24.191.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
ocfs2-kmp-default: before 5.3.18-150200.24.191.1
dlm-kmp-default: before 5.3.18-150200.24.191.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
gfs2-kmp-default: before 5.3.18-150200.24.191.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default: before 5.3.18-150200.24.191.1
kernel-default-debugsource: before 5.3.18-150200.24.191.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1
kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1
kernel-default-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-livepatch: before 5.3.18-150200.24.191.1
kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1
kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1
kernel-default: before 5.3.18-150200.24.191.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_business_critical_linux:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-docs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-source:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-macros:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-syms:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-sle15-sp2_update_48-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
34) Use-after-free
EUVDB-ID: #VU90197
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26898
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the tx() function in drivers/block/aoe/aoenet.c, within the aoecmd_cfg_pkts() function in drivers/block/aoe/aoecmd.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
reiserfs-kmp-default: before 5.3.18-150200.24.191.1
kernel-docs: before 5.3.18-150200.24.191.1
kernel-devel: before 5.3.18-150200.24.191.1
kernel-source: before 5.3.18-150200.24.191.1
kernel-macros: before 5.3.18-150200.24.191.1
kernel-preempt-devel: before 5.3.18-150200.24.191.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-devel: before 5.3.18-150200.24.191.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1
kernel-preempt-debugsource: before 5.3.18-150200.24.191.1
kernel-syms: before 5.3.18-150200.24.191.1
kernel-obs-build: before 5.3.18-150200.24.191.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1
kernel-preempt: before 5.3.18-150200.24.191.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
ocfs2-kmp-default: before 5.3.18-150200.24.191.1
dlm-kmp-default: before 5.3.18-150200.24.191.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
gfs2-kmp-default: before 5.3.18-150200.24.191.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default: before 5.3.18-150200.24.191.1
kernel-default-debugsource: before 5.3.18-150200.24.191.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1
kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1
kernel-default-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-livepatch: before 5.3.18-150200.24.191.1
kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1
kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1
kernel-default: before 5.3.18-150200.24.191.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_business_critical_linux:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-docs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-source:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-macros:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-syms:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-sle15-sp2_update_48-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
35) NULL pointer dereference
EUVDB-ID: #VU92070
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26903
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the rfcomm_process_rx() function in net/bluetooth/rfcomm/core.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
reiserfs-kmp-default: before 5.3.18-150200.24.191.1
kernel-docs: before 5.3.18-150200.24.191.1
kernel-devel: before 5.3.18-150200.24.191.1
kernel-source: before 5.3.18-150200.24.191.1
kernel-macros: before 5.3.18-150200.24.191.1
kernel-preempt-devel: before 5.3.18-150200.24.191.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-devel: before 5.3.18-150200.24.191.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1
kernel-preempt-debugsource: before 5.3.18-150200.24.191.1
kernel-syms: before 5.3.18-150200.24.191.1
kernel-obs-build: before 5.3.18-150200.24.191.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1
kernel-preempt: before 5.3.18-150200.24.191.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
ocfs2-kmp-default: before 5.3.18-150200.24.191.1
dlm-kmp-default: before 5.3.18-150200.24.191.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
gfs2-kmp-default: before 5.3.18-150200.24.191.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default: before 5.3.18-150200.24.191.1
kernel-default-debugsource: before 5.3.18-150200.24.191.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1
kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1
kernel-default-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-livepatch: before 5.3.18-150200.24.191.1
kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1
kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1
kernel-default: before 5.3.18-150200.24.191.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_business_critical_linux:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-docs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-source:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-macros:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-syms:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-sle15-sp2_update_48-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
36) Improper error handling
EUVDB-ID: #VU92944
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26906
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the copy_from_kernel_nofault_allowed() function in arch/x86/mm/maccess.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
reiserfs-kmp-default: before 5.3.18-150200.24.191.1
kernel-docs: before 5.3.18-150200.24.191.1
kernel-devel: before 5.3.18-150200.24.191.1
kernel-source: before 5.3.18-150200.24.191.1
kernel-macros: before 5.3.18-150200.24.191.1
kernel-preempt-devel: before 5.3.18-150200.24.191.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-devel: before 5.3.18-150200.24.191.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1
kernel-preempt-debugsource: before 5.3.18-150200.24.191.1
kernel-syms: before 5.3.18-150200.24.191.1
kernel-obs-build: before 5.3.18-150200.24.191.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1
kernel-preempt: before 5.3.18-150200.24.191.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
ocfs2-kmp-default: before 5.3.18-150200.24.191.1
dlm-kmp-default: before 5.3.18-150200.24.191.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
gfs2-kmp-default: before 5.3.18-150200.24.191.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default: before 5.3.18-150200.24.191.1
kernel-default-debugsource: before 5.3.18-150200.24.191.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1
kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1
kernel-default-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-livepatch: before 5.3.18-150200.24.191.1
kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1
kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1
kernel-default: before 5.3.18-150200.24.191.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_business_critical_linux:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-docs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-source:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-macros:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-syms:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-sle15-sp2_update_48-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
37) Use-after-free
EUVDB-ID: #VU90178
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27043
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the dvb_register_device() function in drivers/media/dvb-core/dvbdev.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Live Patching: 15-SP2
SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2
SUSE Linux Enterprise High Availability Extension 15: SP2
SUSE Linux Enterprise Server for SAP Applications 15: SP2
SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise Server 15: SP2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2
SUSE Linux Enterprise High Performance Computing 15: SP2
SUSE Manager Server: 4.1
SUSE Manager Retail Branch Server: 4.1
SUSE Manager Proxy: 4.1
reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
reiserfs-kmp-default: before 5.3.18-150200.24.191.1
kernel-docs: before 5.3.18-150200.24.191.1
kernel-devel: before 5.3.18-150200.24.191.1
kernel-source: before 5.3.18-150200.24.191.1
kernel-macros: before 5.3.18-150200.24.191.1
kernel-preempt-devel: before 5.3.18-150200.24.191.1
kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-devel: before 5.3.18-150200.24.191.1
kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1
kernel-preempt-debugsource: before 5.3.18-150200.24.191.1
kernel-syms: before 5.3.18-150200.24.191.1
kernel-obs-build: before 5.3.18-150200.24.191.1
kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1
kernel-preempt: before 5.3.18-150200.24.191.1
dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
ocfs2-kmp-default: before 5.3.18-150200.24.191.1
dlm-kmp-default: before 5.3.18-150200.24.191.1
gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
gfs2-kmp-default: before 5.3.18-150200.24.191.1
ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1
cluster-md-kmp-default: before 5.3.18-150200.24.191.1
kernel-default-debugsource: before 5.3.18-150200.24.191.1
kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1
kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1
kernel-default-debuginfo: before 5.3.18-150200.24.191.1
kernel-default-livepatch: before 5.3.18-150200.24.191.1
kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1
kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1
kernel-default: before 5.3.18-150200.24.191.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_live_patching:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_business_critical_linux:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15_sp2_ltss:15-SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP2:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_retail_branch_server:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_manager_proxy:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:reiserfs-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-docs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-source:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-macros:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-syms:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-obs-build:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt-devel-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-base:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-preempt:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:dlm-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:gfs2-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:ocfs2-kmp-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:cluster-md-kmp-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default-livepatch:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-sle15-sp2_update_48-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-livepatch-5_3_18-150200_24_191-default-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:kernel-default:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
