SUSE update for the Linux Kernel



Risk Medium
Patch available YES
Number of vulnerabilities 37
CVE-ID CVE-2021-46955
CVE-2021-47041
CVE-2021-47074
CVE-2021-47113
CVE-2021-47131
CVE-2021-47184
CVE-2021-47185
CVE-2021-47194
CVE-2021-47198
CVE-2021-47201
CVE-2021-47203
CVE-2021-47206
CVE-2021-47207
CVE-2021-47212
CVE-2022-48631
CVE-2022-48651
CVE-2022-48654
CVE-2022-48687
CVE-2023-2860
CVE-2023-6270
CVE-2024-0639
CVE-2024-0841
CVE-2024-22099
CVE-2024-23307
CVE-2024-26688
CVE-2024-26689
CVE-2024-26733
CVE-2024-26739
CVE-2024-26744
CVE-2024-26816
CVE-2024-26840
CVE-2024-26852
CVE-2024-26862
CVE-2024-26898
CVE-2024-26903
CVE-2024-26906
CVE-2024-27043
CWE-ID CWE-125
CWE-667
CWE-401
CWE-399
CWE-416
CWE-476
CWE-665
CWE-119
CWE-388
CWE-190
CWE-366
Exploitation vector Network
Public exploit N/A
Vulnerable software
 SUSE Linux Enterprise Live Patching
Operating systems & Components / Operating system

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux
Operating systems & Components / Operating system

SUSE Linux Enterprise High Availability Extension 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Server for SAP Applications 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Server 15 SP2 LTSS
Operating systems & Components / Operating system

SUSE Linux Enterprise Server 15
Operating systems & Components / Operating system

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS
Operating systems & Components / Operating system

SUSE Linux Enterprise High Performance Computing 15
Operating systems & Components / Operating system

SUSE Manager Server
Operating systems & Components / Operating system

SUSE Manager Retail Branch Server
Operating systems & Components / Operating system

SUSE Manager Proxy
Operating systems & Components / Operating system

reiserfs-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

reiserfs-kmp-default
Operating systems & Components / Operating system package or component

kernel-docs
Operating systems & Components / Operating system package or component

kernel-devel
Operating systems & Components / Operating system package or component

kernel-source
Operating systems & Components / Operating system package or component

kernel-macros
Operating systems & Components / Operating system package or component

kernel-preempt-devel
Operating systems & Components / Operating system package or component

kernel-default-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-preempt-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-devel
Operating systems & Components / Operating system package or component

kernel-obs-build-debugsource
Operating systems & Components / Operating system package or component

kernel-preempt-debugsource
Operating systems & Components / Operating system package or component

kernel-syms
Operating systems & Components / Operating system package or component

kernel-obs-build
Operating systems & Components / Operating system package or component

kernel-preempt-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-base
Operating systems & Components / Operating system package or component

kernel-preempt
Operating systems & Components / Operating system package or component

dlm-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

ocfs2-kmp-default
Operating systems & Components / Operating system package or component

dlm-kmp-default
Operating systems & Components / Operating system package or component

gfs2-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

cluster-md-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

gfs2-kmp-default
Operating systems & Components / Operating system package or component

ocfs2-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

cluster-md-kmp-default
Operating systems & Components / Operating system package or component

kernel-default-debugsource
Operating systems & Components / Operating system package or component

kernel-default-livepatch-devel
Operating systems & Components / Operating system package or component

kernel-livepatch-5_3_18-150200_24_191-default
Operating systems & Components / Operating system package or component

kernel-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-livepatch
Operating systems & Components / Operating system package or component

kernel-livepatch-SLE15-SP2_Update_48-debugsource
Operating systems & Components / Operating system package or component

kernel-livepatch-5_3_18-150200_24_191-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-default
Operating systems & Components / Operating system package or component

Vendor SUSE

Security Bulletin

This security bulletin contains information about 37 vulnerabilities.

1) Out-of-bounds read

EUVDB-ID: #VU88889

Risk: Medium

CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2021-46955

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the ovs_fragment() function in net/openvswitch/actions.c when running openvswitch on kernels built with KASAN. A remote attacker can send specially crafted IPv4 packets to the system, trigger an out-of-bounds read error and read contents of memory on the system or crash the kernel.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

reiserfs-kmp-default: before 5.3.18-150200.24.191.1

kernel-docs: before 5.3.18-150200.24.191.1

kernel-devel: before 5.3.18-150200.24.191.1

kernel-source: before 5.3.18-150200.24.191.1

kernel-macros: before 5.3.18-150200.24.191.1

kernel-preempt-devel: before 5.3.18-150200.24.191.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-devel: before 5.3.18-150200.24.191.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1

kernel-preempt-debugsource: before 5.3.18-150200.24.191.1

kernel-syms: before 5.3.18-150200.24.191.1

kernel-obs-build: before 5.3.18-150200.24.191.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1

kernel-preempt: before 5.3.18-150200.24.191.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

ocfs2-kmp-default: before 5.3.18-150200.24.191.1

dlm-kmp-default: before 5.3.18-150200.24.191.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

gfs2-kmp-default: before 5.3.18-150200.24.191.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default: before 5.3.18-150200.24.191.1

kernel-default-debugsource: before 5.3.18-150200.24.191.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1

kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-livepatch: before 5.3.18-150200.24.191.1

kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1

kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1

kernel-default: before 5.3.18-150200.24.191.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Improper locking

EUVDB-ID: #VU89745

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2021-47041

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the nvmet_tcp_state_change() function in drivers/nvme/target/tcp.c. An remote attacker can send specially crafted packets to the system and perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

reiserfs-kmp-default: before 5.3.18-150200.24.191.1

kernel-docs: before 5.3.18-150200.24.191.1

kernel-devel: before 5.3.18-150200.24.191.1

kernel-source: before 5.3.18-150200.24.191.1

kernel-macros: before 5.3.18-150200.24.191.1

kernel-preempt-devel: before 5.3.18-150200.24.191.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-devel: before 5.3.18-150200.24.191.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1

kernel-preempt-debugsource: before 5.3.18-150200.24.191.1

kernel-syms: before 5.3.18-150200.24.191.1

kernel-obs-build: before 5.3.18-150200.24.191.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1

kernel-preempt: before 5.3.18-150200.24.191.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

ocfs2-kmp-default: before 5.3.18-150200.24.191.1

dlm-kmp-default: before 5.3.18-150200.24.191.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

gfs2-kmp-default: before 5.3.18-150200.24.191.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default: before 5.3.18-150200.24.191.1

kernel-default-debugsource: before 5.3.18-150200.24.191.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1

kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-livepatch: before 5.3.18-150200.24.191.1

kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1

kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1

kernel-default: before 5.3.18-150200.24.191.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Memory leak

EUVDB-ID: #VU90027

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47074

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the nvme_loop_create_ctrl() function in drivers/nvme/target/loop.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

reiserfs-kmp-default: before 5.3.18-150200.24.191.1

kernel-docs: before 5.3.18-150200.24.191.1

kernel-devel: before 5.3.18-150200.24.191.1

kernel-source: before 5.3.18-150200.24.191.1

kernel-macros: before 5.3.18-150200.24.191.1

kernel-preempt-devel: before 5.3.18-150200.24.191.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-devel: before 5.3.18-150200.24.191.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1

kernel-preempt-debugsource: before 5.3.18-150200.24.191.1

kernel-syms: before 5.3.18-150200.24.191.1

kernel-obs-build: before 5.3.18-150200.24.191.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1

kernel-preempt: before 5.3.18-150200.24.191.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

ocfs2-kmp-default: before 5.3.18-150200.24.191.1

dlm-kmp-default: before 5.3.18-150200.24.191.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

gfs2-kmp-default: before 5.3.18-150200.24.191.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default: before 5.3.18-150200.24.191.1

kernel-default-debugsource: before 5.3.18-150200.24.191.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1

kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-livepatch: before 5.3.18-150200.24.191.1

kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1

kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1

kernel-default: before 5.3.18-150200.24.191.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Resource management error

EUVDB-ID: #VU89258

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47113

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources within the btrfs_rename_exchange() function in fs/btrfs/inode.c. A local user can corrupt the filesystem and perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

reiserfs-kmp-default: before 5.3.18-150200.24.191.1

kernel-docs: before 5.3.18-150200.24.191.1

kernel-devel: before 5.3.18-150200.24.191.1

kernel-source: before 5.3.18-150200.24.191.1

kernel-macros: before 5.3.18-150200.24.191.1

kernel-preempt-devel: before 5.3.18-150200.24.191.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-devel: before 5.3.18-150200.24.191.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1

kernel-preempt-debugsource: before 5.3.18-150200.24.191.1

kernel-syms: before 5.3.18-150200.24.191.1

kernel-obs-build: before 5.3.18-150200.24.191.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1

kernel-preempt: before 5.3.18-150200.24.191.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

ocfs2-kmp-default: before 5.3.18-150200.24.191.1

dlm-kmp-default: before 5.3.18-150200.24.191.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

gfs2-kmp-default: before 5.3.18-150200.24.191.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default: before 5.3.18-150200.24.191.1

kernel-default-debugsource: before 5.3.18-150200.24.191.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1

kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-livepatch: before 5.3.18-150200.24.191.1

kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1

kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1

kernel-default: before 5.3.18-150200.24.191.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Use-after-free

EUVDB-ID: #VU90223

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47131

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the tls_ctx_create() function in net/tls/tls_main.c, within the tls_validate_xmit_skb() function in net/tls/tls_device_fallback.c, within the tls_device_gc_task(), tls_device_rx_resync_new_rec(), tls_device_decrypted() and tls_device_down() functions in net/tls/tls_device.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

reiserfs-kmp-default: before 5.3.18-150200.24.191.1

kernel-docs: before 5.3.18-150200.24.191.1

kernel-devel: before 5.3.18-150200.24.191.1

kernel-source: before 5.3.18-150200.24.191.1

kernel-macros: before 5.3.18-150200.24.191.1

kernel-preempt-devel: before 5.3.18-150200.24.191.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-devel: before 5.3.18-150200.24.191.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1

kernel-preempt-debugsource: before 5.3.18-150200.24.191.1

kernel-syms: before 5.3.18-150200.24.191.1

kernel-obs-build: before 5.3.18-150200.24.191.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1

kernel-preempt: before 5.3.18-150200.24.191.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

ocfs2-kmp-default: before 5.3.18-150200.24.191.1

dlm-kmp-default: before 5.3.18-150200.24.191.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

gfs2-kmp-default: before 5.3.18-150200.24.191.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default: before 5.3.18-150200.24.191.1

kernel-default-debugsource: before 5.3.18-150200.24.191.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1

kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-livepatch: before 5.3.18-150200.24.191.1

kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1

kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1

kernel-default: before 5.3.18-150200.24.191.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) NULL pointer dereference

EUVDB-ID: #VU90587

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47184

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the i40e_sync_filters_subtask() and i40e_vsi_release() functions in drivers/net/ethernet/intel/i40e/i40e_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

reiserfs-kmp-default: before 5.3.18-150200.24.191.1

kernel-docs: before 5.3.18-150200.24.191.1

kernel-devel: before 5.3.18-150200.24.191.1

kernel-source: before 5.3.18-150200.24.191.1

kernel-macros: before 5.3.18-150200.24.191.1

kernel-preempt-devel: before 5.3.18-150200.24.191.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-devel: before 5.3.18-150200.24.191.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1

kernel-preempt-debugsource: before 5.3.18-150200.24.191.1

kernel-syms: before 5.3.18-150200.24.191.1

kernel-obs-build: before 5.3.18-150200.24.191.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1

kernel-preempt: before 5.3.18-150200.24.191.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

ocfs2-kmp-default: before 5.3.18-150200.24.191.1

dlm-kmp-default: before 5.3.18-150200.24.191.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

gfs2-kmp-default: before 5.3.18-150200.24.191.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default: before 5.3.18-150200.24.191.1

kernel-default-debugsource: before 5.3.18-150200.24.191.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1

kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-livepatch: before 5.3.18-150200.24.191.1

kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1

kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1

kernel-default: before 5.3.18-150200.24.191.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Improper locking

EUVDB-ID: #VU91528

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47185

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the flush_to_ldisc() function in drivers/tty/tty_buffer.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

reiserfs-kmp-default: before 5.3.18-150200.24.191.1

kernel-docs: before 5.3.18-150200.24.191.1

kernel-devel: before 5.3.18-150200.24.191.1

kernel-source: before 5.3.18-150200.24.191.1

kernel-macros: before 5.3.18-150200.24.191.1

kernel-preempt-devel: before 5.3.18-150200.24.191.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-devel: before 5.3.18-150200.24.191.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1

kernel-preempt-debugsource: before 5.3.18-150200.24.191.1

kernel-syms: before 5.3.18-150200.24.191.1

kernel-obs-build: before 5.3.18-150200.24.191.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1

kernel-preempt: before 5.3.18-150200.24.191.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

ocfs2-kmp-default: before 5.3.18-150200.24.191.1

dlm-kmp-default: before 5.3.18-150200.24.191.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

gfs2-kmp-default: before 5.3.18-150200.24.191.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default: before 5.3.18-150200.24.191.1

kernel-default-debugsource: before 5.3.18-150200.24.191.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1

kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-livepatch: before 5.3.18-150200.24.191.1

kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1

kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1

kernel-default: before 5.3.18-150200.24.191.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Improper initialization

EUVDB-ID: #VU92392

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47194

CWE-ID: CWE-665 - Improper Initialization

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to improper initialization error within the cfg80211_change_iface() function in net/wireless/util.c. A local user can execute arbitrary code.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

reiserfs-kmp-default: before 5.3.18-150200.24.191.1

kernel-docs: before 5.3.18-150200.24.191.1

kernel-devel: before 5.3.18-150200.24.191.1

kernel-source: before 5.3.18-150200.24.191.1

kernel-macros: before 5.3.18-150200.24.191.1

kernel-preempt-devel: before 5.3.18-150200.24.191.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-devel: before 5.3.18-150200.24.191.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1

kernel-preempt-debugsource: before 5.3.18-150200.24.191.1

kernel-syms: before 5.3.18-150200.24.191.1

kernel-obs-build: before 5.3.18-150200.24.191.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1

kernel-preempt: before 5.3.18-150200.24.191.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

ocfs2-kmp-default: before 5.3.18-150200.24.191.1

dlm-kmp-default: before 5.3.18-150200.24.191.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

gfs2-kmp-default: before 5.3.18-150200.24.191.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default: before 5.3.18-150200.24.191.1

kernel-default-debugsource: before 5.3.18-150200.24.191.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1

kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-livepatch: before 5.3.18-150200.24.191.1

kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1

kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1

kernel-default: before 5.3.18-150200.24.191.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Use-after-free

EUVDB-ID: #VU90208

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47198

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the lpfc_mbx_cmpl_fc_reg_login() function in drivers/scsi/lpfc/lpfc_hbadisc.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

reiserfs-kmp-default: before 5.3.18-150200.24.191.1

kernel-docs: before 5.3.18-150200.24.191.1

kernel-devel: before 5.3.18-150200.24.191.1

kernel-source: before 5.3.18-150200.24.191.1

kernel-macros: before 5.3.18-150200.24.191.1

kernel-preempt-devel: before 5.3.18-150200.24.191.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-devel: before 5.3.18-150200.24.191.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1

kernel-preempt-debugsource: before 5.3.18-150200.24.191.1

kernel-syms: before 5.3.18-150200.24.191.1

kernel-obs-build: before 5.3.18-150200.24.191.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1

kernel-preempt: before 5.3.18-150200.24.191.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

ocfs2-kmp-default: before 5.3.18-150200.24.191.1

dlm-kmp-default: before 5.3.18-150200.24.191.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

gfs2-kmp-default: before 5.3.18-150200.24.191.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default: before 5.3.18-150200.24.191.1

kernel-default-debugsource: before 5.3.18-150200.24.191.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1

kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-livepatch: before 5.3.18-150200.24.191.1

kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1

kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1

kernel-default: before 5.3.18-150200.24.191.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Resource management error

EUVDB-ID: #VU92971

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47201

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the iavf_disable_vf() function in drivers/net/ethernet/intel/iavf/iavf_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

reiserfs-kmp-default: before 5.3.18-150200.24.191.1

kernel-docs: before 5.3.18-150200.24.191.1

kernel-devel: before 5.3.18-150200.24.191.1

kernel-source: before 5.3.18-150200.24.191.1

kernel-macros: before 5.3.18-150200.24.191.1

kernel-preempt-devel: before 5.3.18-150200.24.191.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-devel: before 5.3.18-150200.24.191.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1

kernel-preempt-debugsource: before 5.3.18-150200.24.191.1

kernel-syms: before 5.3.18-150200.24.191.1

kernel-obs-build: before 5.3.18-150200.24.191.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1

kernel-preempt: before 5.3.18-150200.24.191.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

ocfs2-kmp-default: before 5.3.18-150200.24.191.1

dlm-kmp-default: before 5.3.18-150200.24.191.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

gfs2-kmp-default: before 5.3.18-150200.24.191.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default: before 5.3.18-150200.24.191.1

kernel-default-debugsource: before 5.3.18-150200.24.191.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1

kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-livepatch: before 5.3.18-150200.24.191.1

kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1

kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1

kernel-default: before 5.3.18-150200.24.191.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Buffer overflow

EUVDB-ID: #VU93156

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47203

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the lpfc_drain_txq() function in drivers/scsi/lpfc/lpfc_sli.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

reiserfs-kmp-default: before 5.3.18-150200.24.191.1

kernel-docs: before 5.3.18-150200.24.191.1

kernel-devel: before 5.3.18-150200.24.191.1

kernel-source: before 5.3.18-150200.24.191.1

kernel-macros: before 5.3.18-150200.24.191.1

kernel-preempt-devel: before 5.3.18-150200.24.191.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-devel: before 5.3.18-150200.24.191.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1

kernel-preempt-debugsource: before 5.3.18-150200.24.191.1

kernel-syms: before 5.3.18-150200.24.191.1

kernel-obs-build: before 5.3.18-150200.24.191.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1

kernel-preempt: before 5.3.18-150200.24.191.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

ocfs2-kmp-default: before 5.3.18-150200.24.191.1

dlm-kmp-default: before 5.3.18-150200.24.191.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

gfs2-kmp-default: before 5.3.18-150200.24.191.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default: before 5.3.18-150200.24.191.1

kernel-default-debugsource: before 5.3.18-150200.24.191.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1

kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-livepatch: before 5.3.18-150200.24.191.1

kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1

kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1

kernel-default: before 5.3.18-150200.24.191.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) NULL pointer dereference

EUVDB-ID: #VU92072

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47206

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the ohci_hcd_tmio_drv_probe() function in drivers/usb/host/ohci-tmio.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

reiserfs-kmp-default: before 5.3.18-150200.24.191.1

kernel-docs: before 5.3.18-150200.24.191.1

kernel-devel: before 5.3.18-150200.24.191.1

kernel-source: before 5.3.18-150200.24.191.1

kernel-macros: before 5.3.18-150200.24.191.1

kernel-preempt-devel: before 5.3.18-150200.24.191.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-devel: before 5.3.18-150200.24.191.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1

kernel-preempt-debugsource: before 5.3.18-150200.24.191.1

kernel-syms: before 5.3.18-150200.24.191.1

kernel-obs-build: before 5.3.18-150200.24.191.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1

kernel-preempt: before 5.3.18-150200.24.191.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

ocfs2-kmp-default: before 5.3.18-150200.24.191.1

dlm-kmp-default: before 5.3.18-150200.24.191.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

gfs2-kmp-default: before 5.3.18-150200.24.191.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default: before 5.3.18-150200.24.191.1

kernel-default-debugsource: before 5.3.18-150200.24.191.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1

kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-livepatch: before 5.3.18-150200.24.191.1

kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1

kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1

kernel-default: before 5.3.18-150200.24.191.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) NULL pointer dereference

EUVDB-ID: #VU90583

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47207

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the snd_gf1_dma_interrupt() function in sound/isa/gus/gus_dma.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

reiserfs-kmp-default: before 5.3.18-150200.24.191.1

kernel-docs: before 5.3.18-150200.24.191.1

kernel-devel: before 5.3.18-150200.24.191.1

kernel-source: before 5.3.18-150200.24.191.1

kernel-macros: before 5.3.18-150200.24.191.1

kernel-preempt-devel: before 5.3.18-150200.24.191.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-devel: before 5.3.18-150200.24.191.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1

kernel-preempt-debugsource: before 5.3.18-150200.24.191.1

kernel-syms: before 5.3.18-150200.24.191.1

kernel-obs-build: before 5.3.18-150200.24.191.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1

kernel-preempt: before 5.3.18-150200.24.191.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

ocfs2-kmp-default: before 5.3.18-150200.24.191.1

dlm-kmp-default: before 5.3.18-150200.24.191.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

gfs2-kmp-default: before 5.3.18-150200.24.191.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default: before 5.3.18-150200.24.191.1

kernel-default-debugsource: before 5.3.18-150200.24.191.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1

kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-livepatch: before 5.3.18-150200.24.191.1

kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1

kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1

kernel-default: before 5.3.18-150200.24.191.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Error Handling

EUVDB-ID: #VU89241

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47212

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to incorrect error handling within the mlx5_internal_err_ret_value() function in drivers/net/ethernet/mellanox/mlx5/core/cmd.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

reiserfs-kmp-default: before 5.3.18-150200.24.191.1

kernel-docs: before 5.3.18-150200.24.191.1

kernel-devel: before 5.3.18-150200.24.191.1

kernel-source: before 5.3.18-150200.24.191.1

kernel-macros: before 5.3.18-150200.24.191.1

kernel-preempt-devel: before 5.3.18-150200.24.191.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-devel: before 5.3.18-150200.24.191.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1

kernel-preempt-debugsource: before 5.3.18-150200.24.191.1

kernel-syms: before 5.3.18-150200.24.191.1

kernel-obs-build: before 5.3.18-150200.24.191.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1

kernel-preempt: before 5.3.18-150200.24.191.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

ocfs2-kmp-default: before 5.3.18-150200.24.191.1

dlm-kmp-default: before 5.3.18-150200.24.191.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

gfs2-kmp-default: before 5.3.18-150200.24.191.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default: before 5.3.18-150200.24.191.1

kernel-default-debugsource: before 5.3.18-150200.24.191.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1

kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-livepatch: before 5.3.18-150200.24.191.1

kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1

kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1

kernel-default: before 5.3.18-150200.24.191.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Improper locking

EUVDB-ID: #VU92033

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48631

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the __ext4_ext_check() function in fs/ext4/extents.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

reiserfs-kmp-default: before 5.3.18-150200.24.191.1

kernel-docs: before 5.3.18-150200.24.191.1

kernel-devel: before 5.3.18-150200.24.191.1

kernel-source: before 5.3.18-150200.24.191.1

kernel-macros: before 5.3.18-150200.24.191.1

kernel-preempt-devel: before 5.3.18-150200.24.191.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-devel: before 5.3.18-150200.24.191.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1

kernel-preempt-debugsource: before 5.3.18-150200.24.191.1

kernel-syms: before 5.3.18-150200.24.191.1

kernel-obs-build: before 5.3.18-150200.24.191.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1

kernel-preempt: before 5.3.18-150200.24.191.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

ocfs2-kmp-default: before 5.3.18-150200.24.191.1

dlm-kmp-default: before 5.3.18-150200.24.191.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

gfs2-kmp-default: before 5.3.18-150200.24.191.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default: before 5.3.18-150200.24.191.1

kernel-default-debugsource: before 5.3.18-150200.24.191.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1

kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-livepatch: before 5.3.18-150200.24.191.1

kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1

kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1

kernel-default: before 5.3.18-150200.24.191.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Out-of-bounds read

EUVDB-ID: #VU89680

Risk: Medium

CVSSv4.0: 1.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2022-48651

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in drivers/net/ipvlan/ipvlan_core.c. A remote attacker on the local network can send specially crafted packets to the system, trigger an out-of-bounds read error and read contents of memory on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

reiserfs-kmp-default: before 5.3.18-150200.24.191.1

kernel-docs: before 5.3.18-150200.24.191.1

kernel-devel: before 5.3.18-150200.24.191.1

kernel-source: before 5.3.18-150200.24.191.1

kernel-macros: before 5.3.18-150200.24.191.1

kernel-preempt-devel: before 5.3.18-150200.24.191.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-devel: before 5.3.18-150200.24.191.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1

kernel-preempt-debugsource: before 5.3.18-150200.24.191.1

kernel-syms: before 5.3.18-150200.24.191.1

kernel-obs-build: before 5.3.18-150200.24.191.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1

kernel-preempt: before 5.3.18-150200.24.191.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

ocfs2-kmp-default: before 5.3.18-150200.24.191.1

dlm-kmp-default: before 5.3.18-150200.24.191.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

gfs2-kmp-default: before 5.3.18-150200.24.191.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default: before 5.3.18-150200.24.191.1

kernel-default-debugsource: before 5.3.18-150200.24.191.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1

kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-livepatch: before 5.3.18-150200.24.191.1

kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1

kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1

kernel-default: before 5.3.18-150200.24.191.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Memory leak

EUVDB-ID: #VU91645

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48654

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to memory leak within the nf_osf_find() function in net/netfilter/nfnetlink_osf.c. A local user can gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

reiserfs-kmp-default: before 5.3.18-150200.24.191.1

kernel-docs: before 5.3.18-150200.24.191.1

kernel-devel: before 5.3.18-150200.24.191.1

kernel-source: before 5.3.18-150200.24.191.1

kernel-macros: before 5.3.18-150200.24.191.1

kernel-preempt-devel: before 5.3.18-150200.24.191.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-devel: before 5.3.18-150200.24.191.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1

kernel-preempt-debugsource: before 5.3.18-150200.24.191.1

kernel-syms: before 5.3.18-150200.24.191.1

kernel-obs-build: before 5.3.18-150200.24.191.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1

kernel-preempt: before 5.3.18-150200.24.191.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

ocfs2-kmp-default: before 5.3.18-150200.24.191.1

dlm-kmp-default: before 5.3.18-150200.24.191.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

gfs2-kmp-default: before 5.3.18-150200.24.191.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default: before 5.3.18-150200.24.191.1

kernel-default-debugsource: before 5.3.18-150200.24.191.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1

kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-livepatch: before 5.3.18-150200.24.191.1

kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1

kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1

kernel-default: before 5.3.18-150200.24.191.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Out-of-bounds read

EUVDB-ID: #VU90314

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48687

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to an out-of-bounds read error within the seg6_genl_sethmac() function in net/ipv6/seg6.c. A local user can gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

reiserfs-kmp-default: before 5.3.18-150200.24.191.1

kernel-docs: before 5.3.18-150200.24.191.1

kernel-devel: before 5.3.18-150200.24.191.1

kernel-source: before 5.3.18-150200.24.191.1

kernel-macros: before 5.3.18-150200.24.191.1

kernel-preempt-devel: before 5.3.18-150200.24.191.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-devel: before 5.3.18-150200.24.191.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1

kernel-preempt-debugsource: before 5.3.18-150200.24.191.1

kernel-syms: before 5.3.18-150200.24.191.1

kernel-obs-build: before 5.3.18-150200.24.191.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1

kernel-preempt: before 5.3.18-150200.24.191.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

ocfs2-kmp-default: before 5.3.18-150200.24.191.1

dlm-kmp-default: before 5.3.18-150200.24.191.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

gfs2-kmp-default: before 5.3.18-150200.24.191.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default: before 5.3.18-150200.24.191.1

kernel-default-debugsource: before 5.3.18-150200.24.191.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1

kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-livepatch: before 5.3.18-150200.24.191.1

kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1

kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1

kernel-default: before 5.3.18-150200.24.191.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Out-of-bounds read

EUVDB-ID: #VU78675

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-2860

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the SR-IPv6 implementation when processing seg6 attributes. A local user can trigger an out-of-bounds read error and read contents of memory on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

reiserfs-kmp-default: before 5.3.18-150200.24.191.1

kernel-docs: before 5.3.18-150200.24.191.1

kernel-devel: before 5.3.18-150200.24.191.1

kernel-source: before 5.3.18-150200.24.191.1

kernel-macros: before 5.3.18-150200.24.191.1

kernel-preempt-devel: before 5.3.18-150200.24.191.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-devel: before 5.3.18-150200.24.191.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1

kernel-preempt-debugsource: before 5.3.18-150200.24.191.1

kernel-syms: before 5.3.18-150200.24.191.1

kernel-obs-build: before 5.3.18-150200.24.191.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1

kernel-preempt: before 5.3.18-150200.24.191.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

ocfs2-kmp-default: before 5.3.18-150200.24.191.1

dlm-kmp-default: before 5.3.18-150200.24.191.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

gfs2-kmp-default: before 5.3.18-150200.24.191.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default: before 5.3.18-150200.24.191.1

kernel-default-debugsource: before 5.3.18-150200.24.191.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1

kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-livepatch: before 5.3.18-150200.24.191.1

kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1

kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1

kernel-default: before 5.3.18-150200.24.191.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Use-after-free

EUVDB-ID: #VU91599

Risk: Low

CVSSv4.0: 4.4 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-6270

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the aoecmd_cfg_pkts() function in the ATA over Ethernet (AoE) driver. A local user can trigger a use-after-free error and escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

reiserfs-kmp-default: before 5.3.18-150200.24.191.1

kernel-docs: before 5.3.18-150200.24.191.1

kernel-devel: before 5.3.18-150200.24.191.1

kernel-source: before 5.3.18-150200.24.191.1

kernel-macros: before 5.3.18-150200.24.191.1

kernel-preempt-devel: before 5.3.18-150200.24.191.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-devel: before 5.3.18-150200.24.191.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1

kernel-preempt-debugsource: before 5.3.18-150200.24.191.1

kernel-syms: before 5.3.18-150200.24.191.1

kernel-obs-build: before 5.3.18-150200.24.191.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1

kernel-preempt: before 5.3.18-150200.24.191.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

ocfs2-kmp-default: before 5.3.18-150200.24.191.1

dlm-kmp-default: before 5.3.18-150200.24.191.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

gfs2-kmp-default: before 5.3.18-150200.24.191.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default: before 5.3.18-150200.24.191.1

kernel-default-debugsource: before 5.3.18-150200.24.191.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1

kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-livepatch: before 5.3.18-150200.24.191.1

kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1

kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1

kernel-default: before 5.3.18-150200.24.191.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Improper locking

EUVDB-ID: #VU88894

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-0639

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service attack.

The vulnerability exists due to improper locking within the sctp_auto_asconf_init() function in net/sctp/socket.c. A local user can crash the kernel.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

reiserfs-kmp-default: before 5.3.18-150200.24.191.1

kernel-docs: before 5.3.18-150200.24.191.1

kernel-devel: before 5.3.18-150200.24.191.1

kernel-source: before 5.3.18-150200.24.191.1

kernel-macros: before 5.3.18-150200.24.191.1

kernel-preempt-devel: before 5.3.18-150200.24.191.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-devel: before 5.3.18-150200.24.191.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1

kernel-preempt-debugsource: before 5.3.18-150200.24.191.1

kernel-syms: before 5.3.18-150200.24.191.1

kernel-obs-build: before 5.3.18-150200.24.191.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1

kernel-preempt: before 5.3.18-150200.24.191.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

ocfs2-kmp-default: before 5.3.18-150200.24.191.1

dlm-kmp-default: before 5.3.18-150200.24.191.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

gfs2-kmp-default: before 5.3.18-150200.24.191.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default: before 5.3.18-150200.24.191.1

kernel-default-debugsource: before 5.3.18-150200.24.191.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1

kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-livepatch: before 5.3.18-150200.24.191.1

kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1

kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1

kernel-default: before 5.3.18-150200.24.191.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) NULL pointer dereference

EUVDB-ID: #VU89389

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-0841

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the hugetlbfs_fill_super() function in the Linux kernel hugetlbfs (HugeTLB pages) functionality. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

reiserfs-kmp-default: before 5.3.18-150200.24.191.1

kernel-docs: before 5.3.18-150200.24.191.1

kernel-devel: before 5.3.18-150200.24.191.1

kernel-source: before 5.3.18-150200.24.191.1

kernel-macros: before 5.3.18-150200.24.191.1

kernel-preempt-devel: before 5.3.18-150200.24.191.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-devel: before 5.3.18-150200.24.191.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1

kernel-preempt-debugsource: before 5.3.18-150200.24.191.1

kernel-syms: before 5.3.18-150200.24.191.1

kernel-obs-build: before 5.3.18-150200.24.191.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1

kernel-preempt: before 5.3.18-150200.24.191.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

ocfs2-kmp-default: before 5.3.18-150200.24.191.1

dlm-kmp-default: before 5.3.18-150200.24.191.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

gfs2-kmp-default: before 5.3.18-150200.24.191.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default: before 5.3.18-150200.24.191.1

kernel-default-debugsource: before 5.3.18-150200.24.191.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1

kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-livepatch: before 5.3.18-150200.24.191.1

kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1

kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1

kernel-default: before 5.3.18-150200.24.191.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) NULL pointer dereference

EUVDB-ID: #VU87192

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-22099

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the rfcomm_check_security() function in /net/bluetooth/rfcomm/core.c. A local user can pass specially crafted data to the application and perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

reiserfs-kmp-default: before 5.3.18-150200.24.191.1

kernel-docs: before 5.3.18-150200.24.191.1

kernel-devel: before 5.3.18-150200.24.191.1

kernel-source: before 5.3.18-150200.24.191.1

kernel-macros: before 5.3.18-150200.24.191.1

kernel-preempt-devel: before 5.3.18-150200.24.191.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-devel: before 5.3.18-150200.24.191.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1

kernel-preempt-debugsource: before 5.3.18-150200.24.191.1

kernel-syms: before 5.3.18-150200.24.191.1

kernel-obs-build: before 5.3.18-150200.24.191.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1

kernel-preempt: before 5.3.18-150200.24.191.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

ocfs2-kmp-default: before 5.3.18-150200.24.191.1

dlm-kmp-default: before 5.3.18-150200.24.191.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

gfs2-kmp-default: before 5.3.18-150200.24.191.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default: before 5.3.18-150200.24.191.1

kernel-default-debugsource: before 5.3.18-150200.24.191.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1

kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-livepatch: before 5.3.18-150200.24.191.1

kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1

kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1

kernel-default: before 5.3.18-150200.24.191.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Integer overflow

EUVDB-ID: #VU88102

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-23307

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to integer overflow in raid5_cache_count() function. A local user can trigger an integer overflow and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

reiserfs-kmp-default: before 5.3.18-150200.24.191.1

kernel-docs: before 5.3.18-150200.24.191.1

kernel-devel: before 5.3.18-150200.24.191.1

kernel-source: before 5.3.18-150200.24.191.1

kernel-macros: before 5.3.18-150200.24.191.1

kernel-preempt-devel: before 5.3.18-150200.24.191.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-devel: before 5.3.18-150200.24.191.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1

kernel-preempt-debugsource: before 5.3.18-150200.24.191.1

kernel-syms: before 5.3.18-150200.24.191.1

kernel-obs-build: before 5.3.18-150200.24.191.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1

kernel-preempt: before 5.3.18-150200.24.191.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

ocfs2-kmp-default: before 5.3.18-150200.24.191.1

dlm-kmp-default: before 5.3.18-150200.24.191.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

gfs2-kmp-default: before 5.3.18-150200.24.191.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default: before 5.3.18-150200.24.191.1

kernel-default-debugsource: before 5.3.18-150200.24.191.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1

kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-livepatch: before 5.3.18-150200.24.191.1

kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1

kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1

kernel-default: before 5.3.18-150200.24.191.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) NULL pointer dereference

EUVDB-ID: #VU90603

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26688

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the hugetlbfs_parse_param() function in fs/hugetlbfs/inode.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

reiserfs-kmp-default: before 5.3.18-150200.24.191.1

kernel-docs: before 5.3.18-150200.24.191.1

kernel-devel: before 5.3.18-150200.24.191.1

kernel-source: before 5.3.18-150200.24.191.1

kernel-macros: before 5.3.18-150200.24.191.1

kernel-preempt-devel: before 5.3.18-150200.24.191.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-devel: before 5.3.18-150200.24.191.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1

kernel-preempt-debugsource: before 5.3.18-150200.24.191.1

kernel-syms: before 5.3.18-150200.24.191.1

kernel-obs-build: before 5.3.18-150200.24.191.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1

kernel-preempt: before 5.3.18-150200.24.191.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

ocfs2-kmp-default: before 5.3.18-150200.24.191.1

dlm-kmp-default: before 5.3.18-150200.24.191.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

gfs2-kmp-default: before 5.3.18-150200.24.191.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default: before 5.3.18-150200.24.191.1

kernel-default-debugsource: before 5.3.18-150200.24.191.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1

kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-livepatch: before 5.3.18-150200.24.191.1

kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1

kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1

kernel-default: before 5.3.18-150200.24.191.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) Use-after-free

EUVDB-ID: #VU90220

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26689

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the __prep_cap() and __send_cap() functions in fs/ceph/caps.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

reiserfs-kmp-default: before 5.3.18-150200.24.191.1

kernel-docs: before 5.3.18-150200.24.191.1

kernel-devel: before 5.3.18-150200.24.191.1

kernel-source: before 5.3.18-150200.24.191.1

kernel-macros: before 5.3.18-150200.24.191.1

kernel-preempt-devel: before 5.3.18-150200.24.191.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-devel: before 5.3.18-150200.24.191.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1

kernel-preempt-debugsource: before 5.3.18-150200.24.191.1

kernel-syms: before 5.3.18-150200.24.191.1

kernel-obs-build: before 5.3.18-150200.24.191.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1

kernel-preempt: before 5.3.18-150200.24.191.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

ocfs2-kmp-default: before 5.3.18-150200.24.191.1

dlm-kmp-default: before 5.3.18-150200.24.191.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

gfs2-kmp-default: before 5.3.18-150200.24.191.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default: before 5.3.18-150200.24.191.1

kernel-default-debugsource: before 5.3.18-150200.24.191.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1

kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-livepatch: before 5.3.18-150200.24.191.1

kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1

kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1

kernel-default: before 5.3.18-150200.24.191.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) Buffer overflow

EUVDB-ID: #VU92952

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26733

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the arp_req_get() function in net/ipv4/arp.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

reiserfs-kmp-default: before 5.3.18-150200.24.191.1

kernel-docs: before 5.3.18-150200.24.191.1

kernel-devel: before 5.3.18-150200.24.191.1

kernel-source: before 5.3.18-150200.24.191.1

kernel-macros: before 5.3.18-150200.24.191.1

kernel-preempt-devel: before 5.3.18-150200.24.191.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-devel: before 5.3.18-150200.24.191.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1

kernel-preempt-debugsource: before 5.3.18-150200.24.191.1

kernel-syms: before 5.3.18-150200.24.191.1

kernel-obs-build: before 5.3.18-150200.24.191.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1

kernel-preempt: before 5.3.18-150200.24.191.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

ocfs2-kmp-default: before 5.3.18-150200.24.191.1

dlm-kmp-default: before 5.3.18-150200.24.191.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

gfs2-kmp-default: before 5.3.18-150200.24.191.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default: before 5.3.18-150200.24.191.1

kernel-default-debugsource: before 5.3.18-150200.24.191.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1

kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-livepatch: before 5.3.18-150200.24.191.1

kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1

kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1

kernel-default: before 5.3.18-150200.24.191.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

28) Use-after-free

EUVDB-ID: #VU90214

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26739

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the tcf_mirred_to_dev() function in net/sched/act_mirred.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

reiserfs-kmp-default: before 5.3.18-150200.24.191.1

kernel-docs: before 5.3.18-150200.24.191.1

kernel-devel: before 5.3.18-150200.24.191.1

kernel-source: before 5.3.18-150200.24.191.1

kernel-macros: before 5.3.18-150200.24.191.1

kernel-preempt-devel: before 5.3.18-150200.24.191.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-devel: before 5.3.18-150200.24.191.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1

kernel-preempt-debugsource: before 5.3.18-150200.24.191.1

kernel-syms: before 5.3.18-150200.24.191.1

kernel-obs-build: before 5.3.18-150200.24.191.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1

kernel-preempt: before 5.3.18-150200.24.191.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

ocfs2-kmp-default: before 5.3.18-150200.24.191.1

dlm-kmp-default: before 5.3.18-150200.24.191.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

gfs2-kmp-default: before 5.3.18-150200.24.191.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default: before 5.3.18-150200.24.191.1

kernel-default-debugsource: before 5.3.18-150200.24.191.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1

kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-livepatch: before 5.3.18-150200.24.191.1

kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1

kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1

kernel-default: before 5.3.18-150200.24.191.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

29) NULL pointer dereference

EUVDB-ID: #VU90596

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26744

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the module_param() function in drivers/infiniband/ulp/srpt/ib_srpt.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

reiserfs-kmp-default: before 5.3.18-150200.24.191.1

kernel-docs: before 5.3.18-150200.24.191.1

kernel-devel: before 5.3.18-150200.24.191.1

kernel-source: before 5.3.18-150200.24.191.1

kernel-macros: before 5.3.18-150200.24.191.1

kernel-preempt-devel: before 5.3.18-150200.24.191.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-devel: before 5.3.18-150200.24.191.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1

kernel-preempt-debugsource: before 5.3.18-150200.24.191.1

kernel-syms: before 5.3.18-150200.24.191.1

kernel-obs-build: before 5.3.18-150200.24.191.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1

kernel-preempt: before 5.3.18-150200.24.191.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

ocfs2-kmp-default: before 5.3.18-150200.24.191.1

dlm-kmp-default: before 5.3.18-150200.24.191.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

gfs2-kmp-default: before 5.3.18-150200.24.191.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default: before 5.3.18-150200.24.191.1

kernel-default-debugsource: before 5.3.18-150200.24.191.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1

kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-livepatch: before 5.3.18-150200.24.191.1

kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1

kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1

kernel-default: before 5.3.18-150200.24.191.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

30) Memory leak

EUVDB-ID: #VU91650

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26816

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the print_absolute_relocs() function in arch/x86/tools/relocs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

reiserfs-kmp-default: before 5.3.18-150200.24.191.1

kernel-docs: before 5.3.18-150200.24.191.1

kernel-devel: before 5.3.18-150200.24.191.1

kernel-source: before 5.3.18-150200.24.191.1

kernel-macros: before 5.3.18-150200.24.191.1

kernel-preempt-devel: before 5.3.18-150200.24.191.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-devel: before 5.3.18-150200.24.191.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1

kernel-preempt-debugsource: before 5.3.18-150200.24.191.1

kernel-syms: before 5.3.18-150200.24.191.1

kernel-obs-build: before 5.3.18-150200.24.191.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1

kernel-preempt: before 5.3.18-150200.24.191.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

ocfs2-kmp-default: before 5.3.18-150200.24.191.1

dlm-kmp-default: before 5.3.18-150200.24.191.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

gfs2-kmp-default: before 5.3.18-150200.24.191.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default: before 5.3.18-150200.24.191.1

kernel-default-debugsource: before 5.3.18-150200.24.191.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1

kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-livepatch: before 5.3.18-150200.24.191.1

kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1

kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1

kernel-default: before 5.3.18-150200.24.191.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

31) Memory leak

EUVDB-ID: #VU90005

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26840

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the kmem_cache_free() and cachefiles_daemon_unbind() functions in fs/cachefiles/bind.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

reiserfs-kmp-default: before 5.3.18-150200.24.191.1

kernel-docs: before 5.3.18-150200.24.191.1

kernel-devel: before 5.3.18-150200.24.191.1

kernel-source: before 5.3.18-150200.24.191.1

kernel-macros: before 5.3.18-150200.24.191.1

kernel-preempt-devel: before 5.3.18-150200.24.191.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-devel: before 5.3.18-150200.24.191.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1

kernel-preempt-debugsource: before 5.3.18-150200.24.191.1

kernel-syms: before 5.3.18-150200.24.191.1

kernel-obs-build: before 5.3.18-150200.24.191.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1

kernel-preempt: before 5.3.18-150200.24.191.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

ocfs2-kmp-default: before 5.3.18-150200.24.191.1

dlm-kmp-default: before 5.3.18-150200.24.191.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

gfs2-kmp-default: before 5.3.18-150200.24.191.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default: before 5.3.18-150200.24.191.1

kernel-default-debugsource: before 5.3.18-150200.24.191.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1

kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-livepatch: before 5.3.18-150200.24.191.1

kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1

kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1

kernel-default: before 5.3.18-150200.24.191.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

32) Use-after-free

EUVDB-ID: #VU90194

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26852

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ip6_route_multipath_add() and list_for_each_entry_safe() functions in net/ipv6/route.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

reiserfs-kmp-default: before 5.3.18-150200.24.191.1

kernel-docs: before 5.3.18-150200.24.191.1

kernel-devel: before 5.3.18-150200.24.191.1

kernel-source: before 5.3.18-150200.24.191.1

kernel-macros: before 5.3.18-150200.24.191.1

kernel-preempt-devel: before 5.3.18-150200.24.191.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-devel: before 5.3.18-150200.24.191.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1

kernel-preempt-debugsource: before 5.3.18-150200.24.191.1

kernel-syms: before 5.3.18-150200.24.191.1

kernel-obs-build: before 5.3.18-150200.24.191.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1

kernel-preempt: before 5.3.18-150200.24.191.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

ocfs2-kmp-default: before 5.3.18-150200.24.191.1

dlm-kmp-default: before 5.3.18-150200.24.191.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

gfs2-kmp-default: before 5.3.18-150200.24.191.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default: before 5.3.18-150200.24.191.1

kernel-default-debugsource: before 5.3.18-150200.24.191.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1

kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-livepatch: before 5.3.18-150200.24.191.1

kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1

kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1

kernel-default: before 5.3.18-150200.24.191.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

33) Race condition within a thread

EUVDB-ID: #VU91434

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26862

CWE-ID: CWE-366 - Race Condition within a Thread

Exploit availability: No

Description

The vulnerability allows a local user to manipulate data.

The vulnerability exists due to a data race within the packet_setsockopt() and packet_getsockopt() functions in net/packet/af_packet.c, within the dev_queue_xmit_nit() function in net/core/dev.c. A local user can manipulate data.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

reiserfs-kmp-default: before 5.3.18-150200.24.191.1

kernel-docs: before 5.3.18-150200.24.191.1

kernel-devel: before 5.3.18-150200.24.191.1

kernel-source: before 5.3.18-150200.24.191.1

kernel-macros: before 5.3.18-150200.24.191.1

kernel-preempt-devel: before 5.3.18-150200.24.191.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-devel: before 5.3.18-150200.24.191.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1

kernel-preempt-debugsource: before 5.3.18-150200.24.191.1

kernel-syms: before 5.3.18-150200.24.191.1

kernel-obs-build: before 5.3.18-150200.24.191.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1

kernel-preempt: before 5.3.18-150200.24.191.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

ocfs2-kmp-default: before 5.3.18-150200.24.191.1

dlm-kmp-default: before 5.3.18-150200.24.191.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

gfs2-kmp-default: before 5.3.18-150200.24.191.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default: before 5.3.18-150200.24.191.1

kernel-default-debugsource: before 5.3.18-150200.24.191.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1

kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-livepatch: before 5.3.18-150200.24.191.1

kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1

kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1

kernel-default: before 5.3.18-150200.24.191.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

34) Use-after-free

EUVDB-ID: #VU90197

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26898

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the tx() function in drivers/block/aoe/aoenet.c, within the aoecmd_cfg_pkts() function in drivers/block/aoe/aoecmd.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

reiserfs-kmp-default: before 5.3.18-150200.24.191.1

kernel-docs: before 5.3.18-150200.24.191.1

kernel-devel: before 5.3.18-150200.24.191.1

kernel-source: before 5.3.18-150200.24.191.1

kernel-macros: before 5.3.18-150200.24.191.1

kernel-preempt-devel: before 5.3.18-150200.24.191.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-devel: before 5.3.18-150200.24.191.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1

kernel-preempt-debugsource: before 5.3.18-150200.24.191.1

kernel-syms: before 5.3.18-150200.24.191.1

kernel-obs-build: before 5.3.18-150200.24.191.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1

kernel-preempt: before 5.3.18-150200.24.191.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

ocfs2-kmp-default: before 5.3.18-150200.24.191.1

dlm-kmp-default: before 5.3.18-150200.24.191.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

gfs2-kmp-default: before 5.3.18-150200.24.191.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default: before 5.3.18-150200.24.191.1

kernel-default-debugsource: before 5.3.18-150200.24.191.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1

kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-livepatch: before 5.3.18-150200.24.191.1

kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1

kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1

kernel-default: before 5.3.18-150200.24.191.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

35) NULL pointer dereference

EUVDB-ID: #VU92070

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26903

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the rfcomm_process_rx() function in net/bluetooth/rfcomm/core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

reiserfs-kmp-default: before 5.3.18-150200.24.191.1

kernel-docs: before 5.3.18-150200.24.191.1

kernel-devel: before 5.3.18-150200.24.191.1

kernel-source: before 5.3.18-150200.24.191.1

kernel-macros: before 5.3.18-150200.24.191.1

kernel-preempt-devel: before 5.3.18-150200.24.191.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-devel: before 5.3.18-150200.24.191.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1

kernel-preempt-debugsource: before 5.3.18-150200.24.191.1

kernel-syms: before 5.3.18-150200.24.191.1

kernel-obs-build: before 5.3.18-150200.24.191.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1

kernel-preempt: before 5.3.18-150200.24.191.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

ocfs2-kmp-default: before 5.3.18-150200.24.191.1

dlm-kmp-default: before 5.3.18-150200.24.191.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

gfs2-kmp-default: before 5.3.18-150200.24.191.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default: before 5.3.18-150200.24.191.1

kernel-default-debugsource: before 5.3.18-150200.24.191.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1

kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-livepatch: before 5.3.18-150200.24.191.1

kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1

kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1

kernel-default: before 5.3.18-150200.24.191.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

36) Improper error handling

EUVDB-ID: #VU92944

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26906

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the copy_from_kernel_nofault_allowed() function in arch/x86/mm/maccess.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

reiserfs-kmp-default: before 5.3.18-150200.24.191.1

kernel-docs: before 5.3.18-150200.24.191.1

kernel-devel: before 5.3.18-150200.24.191.1

kernel-source: before 5.3.18-150200.24.191.1

kernel-macros: before 5.3.18-150200.24.191.1

kernel-preempt-devel: before 5.3.18-150200.24.191.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-devel: before 5.3.18-150200.24.191.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1

kernel-preempt-debugsource: before 5.3.18-150200.24.191.1

kernel-syms: before 5.3.18-150200.24.191.1

kernel-obs-build: before 5.3.18-150200.24.191.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1

kernel-preempt: before 5.3.18-150200.24.191.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

ocfs2-kmp-default: before 5.3.18-150200.24.191.1

dlm-kmp-default: before 5.3.18-150200.24.191.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

gfs2-kmp-default: before 5.3.18-150200.24.191.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default: before 5.3.18-150200.24.191.1

kernel-default-debugsource: before 5.3.18-150200.24.191.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1

kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-livepatch: before 5.3.18-150200.24.191.1

kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1

kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1

kernel-default: before 5.3.18-150200.24.191.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

37) Use-after-free

EUVDB-ID: #VU90178

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-27043

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the dvb_register_device() function in drivers/media/dvb-core/dvbdev.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP2

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise High Availability Extension 15: SP2

SUSE Linux Enterprise Server for SAP Applications 15: SP2

SUSE Linux Enterprise Server 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise Server 15: SP2

SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS: 15-SP2

SUSE Linux Enterprise High Performance Computing 15: SP2

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

reiserfs-kmp-default: before 5.3.18-150200.24.191.1

kernel-docs: before 5.3.18-150200.24.191.1

kernel-devel: before 5.3.18-150200.24.191.1

kernel-source: before 5.3.18-150200.24.191.1

kernel-macros: before 5.3.18-150200.24.191.1

kernel-preempt-devel: before 5.3.18-150200.24.191.1

kernel-default-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-preempt-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-devel: before 5.3.18-150200.24.191.1

kernel-obs-build-debugsource: before 5.3.18-150200.24.191.1

kernel-preempt-debugsource: before 5.3.18-150200.24.191.1

kernel-syms: before 5.3.18-150200.24.191.1

kernel-obs-build: before 5.3.18-150200.24.191.1

kernel-preempt-devel-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-base: before 5.3.18-150200.24.191.1.150200.9.97.1

kernel-preempt: before 5.3.18-150200.24.191.1

dlm-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

ocfs2-kmp-default: before 5.3.18-150200.24.191.1

dlm-kmp-default: before 5.3.18-150200.24.191.1

gfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

gfs2-kmp-default: before 5.3.18-150200.24.191.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150200.24.191.1

cluster-md-kmp-default: before 5.3.18-150200.24.191.1

kernel-default-debugsource: before 5.3.18-150200.24.191.1

kernel-default-livepatch-devel: before 5.3.18-150200.24.191.1

kernel-livepatch-5_3_18-150200_24_191-default: before 1-150200.5.3.1

kernel-default-debuginfo: before 5.3.18-150200.24.191.1

kernel-default-livepatch: before 5.3.18-150200.24.191.1

kernel-livepatch-SLE15-SP2_Update_48-debugsource: before 1-150200.5.3.1

kernel-livepatch-5_3_18-150200_24_191-default-debuginfo: before 1-150200.5.3.1

kernel-default: before 5.3.18-150200.24.191.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###