SUSE update for the Linux Kernel



Risk Medium
Patch available YES
Number of vulnerabilities 48
CVE-ID CVE-2021-46955
CVE-2021-47041
CVE-2021-47074
CVE-2021-47113
CVE-2021-47131
CVE-2021-47184
CVE-2021-47185
CVE-2021-47194
CVE-2021-47198
CVE-2021-47201
CVE-2021-47202
CVE-2021-47203
CVE-2021-47206
CVE-2021-47207
CVE-2021-47212
CVE-2021-47216
CVE-2022-48631
CVE-2022-48638
CVE-2022-48650
CVE-2022-48651
CVE-2022-48654
CVE-2022-48672
CVE-2022-48686
CVE-2022-48687
CVE-2022-48693
CVE-2022-48695
CVE-2022-48701
CVE-2022-48702
CVE-2023-2860
CVE-2023-6270
CVE-2024-0639
CVE-2024-0841
CVE-2024-22099
CVE-2024-23307
CVE-2024-26610
CVE-2024-26688
CVE-2024-26689
CVE-2024-26733
CVE-2024-26739
CVE-2024-26744
CVE-2024-26816
CVE-2024-26840
CVE-2024-26852
CVE-2024-26862
CVE-2024-26898
CVE-2024-26903
CVE-2024-26906
CVE-2024-27043
CWE-ID CWE-125
CWE-667
CWE-401
CWE-399
CWE-416
CWE-476
CWE-665
CWE-119
CWE-388
CWE-20
CWE-193
CWE-200
CWE-190
CWE-366
Exploitation vector Network
Public exploit N/A
Vulnerable software
 SUSE Linux Enterprise Live Patching
Operating systems & Components / Operating system

SUSE Linux Enterprise Micro for Rancher
Operating systems & Components / Operating system

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux
Operating systems & Components / Operating system

SUSE Linux Enterprise High Availability Extension 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Server for SAP Applications 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Server 15 SP3 LTSS
Operating systems & Components / Operating system

SUSE Linux Enterprise Server 15
Operating systems & Components / Operating system

SUSE Linux Enterprise High Performance Computing LTSS 15
Operating systems & Components / Operating system

SUSE Linux Enterprise High Performance Computing 15
Operating systems & Components / Operating system

SUSE Enterprise Storage
Operating systems & Components / Operating system

SUSE Manager Retail Branch Server
Operating systems & Components / Operating system

SUSE Linux Enterprise Micro
Operating systems & Components / Operating system

openSUSE Leap
Operating systems & Components / Operating system

SUSE Manager Server
Operating systems & Components / Operating system

SUSE Manager Proxy
Operating systems & Components / Operating system

kernel-64kb
Operating systems & Components / Operating system package or component

dtb-marvell
Operating systems & Components / Operating system package or component

dtb-exynos
Operating systems & Components / Operating system package or component

kernel-64kb-debuginfo
Operating systems & Components / Operating system package or component

dtb-mediatek
Operating systems & Components / Operating system package or component

dtb-apm
Operating systems & Components / Operating system package or component

dtb-broadcom
Operating systems & Components / Operating system package or component

ocfs2-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

dtb-renesas
Operating systems & Components / Operating system package or component

kernel-64kb-devel
Operating systems & Components / Operating system package or component

dlm-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

dtb-amlogic
Operating systems & Components / Operating system package or component

kernel-64kb-optional-debuginfo
Operating systems & Components / Operating system package or component

kernel-64kb-extra
Operating systems & Components / Operating system package or component

dtb-rockchip
Operating systems & Components / Operating system package or component

dtb-sprd
Operating systems & Components / Operating system package or component

dtb-cavium
Operating systems & Components / Operating system package or component

gfs2-kmp-64kb
Operating systems & Components / Operating system package or component

kernel-64kb-debugsource
Operating systems & Components / Operating system package or component

dtb-allwinner
Operating systems & Components / Operating system package or component

dtb-freescale
Operating systems & Components / Operating system package or component

dtb-zte
Operating systems & Components / Operating system package or component

kernel-64kb-livepatch-devel
Operating systems & Components / Operating system package or component

dtb-xilinx
Operating systems & Components / Operating system package or component

kselftests-kmp-64kb
Operating systems & Components / Operating system package or component

reiserfs-kmp-64kb
Operating systems & Components / Operating system package or component

dtb-hisilicon
Operating systems & Components / Operating system package or component

reiserfs-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

dtb-al
Operating systems & Components / Operating system package or component

dtb-lg
Operating systems & Components / Operating system package or component

kernel-64kb-extra-debuginfo
Operating systems & Components / Operating system package or component

cluster-md-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

dtb-qcom
Operating systems & Components / Operating system package or component

dtb-arm
Operating systems & Components / Operating system package or component

dtb-altera
Operating systems & Components / Operating system package or component

dtb-amd
Operating systems & Components / Operating system package or component

dtb-socionext
Operating systems & Components / Operating system package or component

dtb-nvidia
Operating systems & Components / Operating system package or component

kernel-64kb-devel-debuginfo
Operating systems & Components / Operating system package or component

cluster-md-kmp-64kb
Operating systems & Components / Operating system package or component

gfs2-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

dlm-kmp-64kb
Operating systems & Components / Operating system package or component

ocfs2-kmp-64kb
Operating systems & Components / Operating system package or component

kernel-64kb-optional
Operating systems & Components / Operating system package or component

kselftests-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

dtb-aarch64
Operating systems & Components / Operating system package or component

kernel-zfcpdump-debugsource
Operating systems & Components / Operating system package or component

kernel-zfcpdump-debuginfo
Operating systems & Components / Operating system package or component

kernel-zfcpdump
Operating systems & Components / Operating system package or component

kernel-preempt
Operating systems & Components / Operating system package or component

dlm-kmp-preempt
Operating systems & Components / Operating system package or component

reiserfs-kmp-preempt
Operating systems & Components / Operating system package or component

kernel-preempt-optional-debuginfo
Operating systems & Components / Operating system package or component

kselftests-kmp-preempt
Operating systems & Components / Operating system package or component

kernel-preempt-debugsource
Operating systems & Components / Operating system package or component

kernel-preempt-debuginfo
Operating systems & Components / Operating system package or component

cluster-md-kmp-preempt
Operating systems & Components / Operating system package or component

kselftests-kmp-preempt-debuginfo
Operating systems & Components / Operating system package or component

gfs2-kmp-preempt-debuginfo
Operating systems & Components / Operating system package or component

ocfs2-kmp-preempt-debuginfo
Operating systems & Components / Operating system package or component

kernel-preempt-devel-debuginfo
Operating systems & Components / Operating system package or component

reiserfs-kmp-preempt-debuginfo
Operating systems & Components / Operating system package or component

kernel-preempt-extra-debuginfo
Operating systems & Components / Operating system package or component

cluster-md-kmp-preempt-debuginfo
Operating systems & Components / Operating system package or component

kernel-preempt-extra
Operating systems & Components / Operating system package or component

gfs2-kmp-preempt
Operating systems & Components / Operating system package or component

dlm-kmp-preempt-debuginfo
Operating systems & Components / Operating system package or component

ocfs2-kmp-preempt
Operating systems & Components / Operating system package or component

kernel-preempt-optional
Operating systems & Components / Operating system package or component

kernel-preempt-devel
Operating systems & Components / Operating system package or component

kernel-preempt-livepatch-devel
Operating systems & Components / Operating system package or component

kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo
Operating systems & Components / Operating system package or component

kernel-livepatch-5_3_18-150300_59_161-preempt
Operating systems & Components / Operating system package or component

kernel-livepatch-5_3_18-150300_59_161-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-livepatch-SLE15-SP3_Update_44-debugsource
Operating systems & Components / Operating system package or component

kernel-livepatch-5_3_18-150300_59_161-default
Operating systems & Components / Operating system package or component

kernel-default
Operating systems & Components / Operating system package or component

dlm-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-optional-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-obs-qa
Operating systems & Components / Operating system package or component

kernel-obs-build
Operating systems & Components / Operating system package or component

ocfs2-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

kselftests-kmp-default
Operating systems & Components / Operating system package or component

dlm-kmp-default
Operating systems & Components / Operating system package or component

kselftests-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-extra-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-livepatch
Operating systems & Components / Operating system package or component

kernel-default-extra
Operating systems & Components / Operating system package or component

kernel-default-optional
Operating systems & Components / Operating system package or component

kernel-default-debuginfo
Operating systems & Components / Operating system package or component

gfs2-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

cluster-md-kmp-default
Operating systems & Components / Operating system package or component

cluster-md-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-debugsource
Operating systems & Components / Operating system package or component

ocfs2-kmp-default
Operating systems & Components / Operating system package or component

kernel-default-base-rebuild
Operating systems & Components / Operating system package or component

reiserfs-kmp-default
Operating systems & Components / Operating system package or component

kernel-syms
Operating systems & Components / Operating system package or component

kernel-obs-build-debugsource
Operating systems & Components / Operating system package or component

kernel-default-livepatch-devel
Operating systems & Components / Operating system package or component

reiserfs-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

gfs2-kmp-default
Operating systems & Components / Operating system package or component

kernel-default-base
Operating systems & Components / Operating system package or component

kernel-default-devel
Operating systems & Components / Operating system package or component

kernel-debug-debugsource
Operating systems & Components / Operating system package or component

kernel-kvmsmall-debugsource
Operating systems & Components / Operating system package or component

kernel-kvmsmall-livepatch-devel
Operating systems & Components / Operating system package or component

kernel-debug-devel
Operating systems & Components / Operating system package or component

kernel-kvmsmall-debuginfo
Operating systems & Components / Operating system package or component

kernel-debug-debuginfo
Operating systems & Components / Operating system package or component

kernel-kvmsmall-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-debug-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-kvmsmall-devel
Operating systems & Components / Operating system package or component

kernel-debug-livepatch-devel
Operating systems & Components / Operating system package or component

kernel-debug
Operating systems & Components / Operating system package or component

kernel-kvmsmall
Operating systems & Components / Operating system package or component

kernel-source
Operating systems & Components / Operating system package or component

kernel-source-vanilla
Operating systems & Components / Operating system package or component

kernel-devel
Operating systems & Components / Operating system package or component

kernel-docs-html
Operating systems & Components / Operating system package or component

kernel-macros
Operating systems & Components / Operating system package or component

kernel-docs
Operating systems & Components / Operating system package or component

Vendor SUSE

Security Bulletin

This security bulletin contains information about 48 vulnerabilities.

1) Out-of-bounds read

EUVDB-ID: #VU88889

Risk: Medium

CVSSv3.1: 4.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-46955

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the ovs_fragment() function in net/openvswitch/actions.c when running openvswitch on kernels built with KASAN. A remote attacker can send specially crafted IPv4 packets to the system, trigger an out-of-bounds read error and read contents of memory on the system or crash the kernel.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.161.1

dtb-marvell: before 5.3.18-150300.59.161.1

dtb-exynos: before 5.3.18-150300.59.161.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-mediatek: before 5.3.18-150300.59.161.1

dtb-apm: before 5.3.18-150300.59.161.1

dtb-broadcom: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-renesas: before 5.3.18-150300.59.161.1

kernel-64kb-devel: before 5.3.18-150300.59.161.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-amlogic: before 5.3.18-150300.59.161.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-64kb-extra: before 5.3.18-150300.59.161.1

dtb-rockchip: before 5.3.18-150300.59.161.1

dtb-sprd: before 5.3.18-150300.59.161.1

dtb-cavium: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-debugsource: before 5.3.18-150300.59.161.1

dtb-allwinner: before 5.3.18-150300.59.161.1

dtb-freescale: before 5.3.18-150300.59.161.1

dtb-zte: before 5.3.18-150300.59.161.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.161.1

dtb-xilinx: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.161.1

dtb-hisilicon: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-al: before 5.3.18-150300.59.161.1

dtb-lg: before 5.3.18-150300.59.161.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-qcom: before 5.3.18-150300.59.161.1

dtb-arm: before 5.3.18-150300.59.161.1

dtb-altera: before 5.3.18-150300.59.161.1

dtb-amd: before 5.3.18-150300.59.161.1

dtb-socionext: before 5.3.18-150300.59.161.1

dtb-nvidia: before 5.3.18-150300.59.161.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dlm-kmp-64kb: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-optional: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-aarch64: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.161.1

kernel-zfcpdump: before 5.3.18-150300.59.161.1

kernel-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-debugsource: before 5.3.18-150300.59.161.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional: before 5.3.18-150300.59.161.1

kernel-preempt-devel: before 5.3.18-150300.59.161.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_44-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.161.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-obs-qa: before 5.3.18-150300.59.161.1

kernel-obs-build: before 5.3.18-150300.59.161.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-default: before 5.3.18-150300.59.161.1

dlm-kmp-default: before 5.3.18-150300.59.161.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-livepatch: before 5.3.18-150300.59.161.1

kernel-default-extra: before 5.3.18-150300.59.161.1

kernel-default-optional: before 5.3.18-150300.59.161.1

kernel-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-default: before 5.3.18-150300.59.161.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-debugsource: before 5.3.18-150300.59.161.1

ocfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base-rebuild: before 5.3.18-150300.59.161.1.150300.18.94.1

reiserfs-kmp-default: before 5.3.18-150300.59.161.1

kernel-syms: before 5.3.18-150300.59.161.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.161.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.161.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base: before 5.3.18-150300.59.161.1.150300.18.94.1

kernel-default-devel: before 5.3.18-150300.59.161.1

kernel-debug-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug-devel: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.161.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug: before 5.3.18-150300.59.161.1

kernel-kvmsmall: before 5.3.18-150300.59.161.1

kernel-source: before 5.3.18-150300.59.161.1

kernel-source-vanilla: before 5.3.18-150300.59.161.1

kernel-devel: before 5.3.18-150300.59.161.1

kernel-docs-html: before 5.3.18-150300.59.161.2

kernel-macros: before 5.3.18-150300.59.161.1

kernel-docs: before 5.3.18-150300.59.161.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241642-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Improper locking

EUVDB-ID: #VU89745

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47041

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the nvmet_tcp_state_change() function in drivers/nvme/target/tcp.c. An remote attacker can send specially crafted packets to the system and perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.161.1

dtb-marvell: before 5.3.18-150300.59.161.1

dtb-exynos: before 5.3.18-150300.59.161.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-mediatek: before 5.3.18-150300.59.161.1

dtb-apm: before 5.3.18-150300.59.161.1

dtb-broadcom: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-renesas: before 5.3.18-150300.59.161.1

kernel-64kb-devel: before 5.3.18-150300.59.161.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-amlogic: before 5.3.18-150300.59.161.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-64kb-extra: before 5.3.18-150300.59.161.1

dtb-rockchip: before 5.3.18-150300.59.161.1

dtb-sprd: before 5.3.18-150300.59.161.1

dtb-cavium: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-debugsource: before 5.3.18-150300.59.161.1

dtb-allwinner: before 5.3.18-150300.59.161.1

dtb-freescale: before 5.3.18-150300.59.161.1

dtb-zte: before 5.3.18-150300.59.161.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.161.1

dtb-xilinx: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.161.1

dtb-hisilicon: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-al: before 5.3.18-150300.59.161.1

dtb-lg: before 5.3.18-150300.59.161.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-qcom: before 5.3.18-150300.59.161.1

dtb-arm: before 5.3.18-150300.59.161.1

dtb-altera: before 5.3.18-150300.59.161.1

dtb-amd: before 5.3.18-150300.59.161.1

dtb-socionext: before 5.3.18-150300.59.161.1

dtb-nvidia: before 5.3.18-150300.59.161.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dlm-kmp-64kb: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-optional: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-aarch64: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.161.1

kernel-zfcpdump: before 5.3.18-150300.59.161.1

kernel-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-debugsource: before 5.3.18-150300.59.161.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional: before 5.3.18-150300.59.161.1

kernel-preempt-devel: before 5.3.18-150300.59.161.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_44-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.161.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-obs-qa: before 5.3.18-150300.59.161.1

kernel-obs-build: before 5.3.18-150300.59.161.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-default: before 5.3.18-150300.59.161.1

dlm-kmp-default: before 5.3.18-150300.59.161.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-livepatch: before 5.3.18-150300.59.161.1

kernel-default-extra: before 5.3.18-150300.59.161.1

kernel-default-optional: before 5.3.18-150300.59.161.1

kernel-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-default: before 5.3.18-150300.59.161.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-debugsource: before 5.3.18-150300.59.161.1

ocfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base-rebuild: before 5.3.18-150300.59.161.1.150300.18.94.1

reiserfs-kmp-default: before 5.3.18-150300.59.161.1

kernel-syms: before 5.3.18-150300.59.161.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.161.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.161.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base: before 5.3.18-150300.59.161.1.150300.18.94.1

kernel-default-devel: before 5.3.18-150300.59.161.1

kernel-debug-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug-devel: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.161.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug: before 5.3.18-150300.59.161.1

kernel-kvmsmall: before 5.3.18-150300.59.161.1

kernel-source: before 5.3.18-150300.59.161.1

kernel-source-vanilla: before 5.3.18-150300.59.161.1

kernel-devel: before 5.3.18-150300.59.161.1

kernel-docs-html: before 5.3.18-150300.59.161.2

kernel-macros: before 5.3.18-150300.59.161.1

kernel-docs: before 5.3.18-150300.59.161.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241642-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Memory leak

EUVDB-ID: #VU90027

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47074

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the nvme_loop_create_ctrl() function in drivers/nvme/target/loop.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.161.1

dtb-marvell: before 5.3.18-150300.59.161.1

dtb-exynos: before 5.3.18-150300.59.161.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-mediatek: before 5.3.18-150300.59.161.1

dtb-apm: before 5.3.18-150300.59.161.1

dtb-broadcom: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-renesas: before 5.3.18-150300.59.161.1

kernel-64kb-devel: before 5.3.18-150300.59.161.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-amlogic: before 5.3.18-150300.59.161.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-64kb-extra: before 5.3.18-150300.59.161.1

dtb-rockchip: before 5.3.18-150300.59.161.1

dtb-sprd: before 5.3.18-150300.59.161.1

dtb-cavium: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-debugsource: before 5.3.18-150300.59.161.1

dtb-allwinner: before 5.3.18-150300.59.161.1

dtb-freescale: before 5.3.18-150300.59.161.1

dtb-zte: before 5.3.18-150300.59.161.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.161.1

dtb-xilinx: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.161.1

dtb-hisilicon: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-al: before 5.3.18-150300.59.161.1

dtb-lg: before 5.3.18-150300.59.161.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-qcom: before 5.3.18-150300.59.161.1

dtb-arm: before 5.3.18-150300.59.161.1

dtb-altera: before 5.3.18-150300.59.161.1

dtb-amd: before 5.3.18-150300.59.161.1

dtb-socionext: before 5.3.18-150300.59.161.1

dtb-nvidia: before 5.3.18-150300.59.161.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dlm-kmp-64kb: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-optional: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-aarch64: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.161.1

kernel-zfcpdump: before 5.3.18-150300.59.161.1

kernel-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-debugsource: before 5.3.18-150300.59.161.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional: before 5.3.18-150300.59.161.1

kernel-preempt-devel: before 5.3.18-150300.59.161.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_44-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.161.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-obs-qa: before 5.3.18-150300.59.161.1

kernel-obs-build: before 5.3.18-150300.59.161.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-default: before 5.3.18-150300.59.161.1

dlm-kmp-default: before 5.3.18-150300.59.161.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-livepatch: before 5.3.18-150300.59.161.1

kernel-default-extra: before 5.3.18-150300.59.161.1

kernel-default-optional: before 5.3.18-150300.59.161.1

kernel-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-default: before 5.3.18-150300.59.161.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-debugsource: before 5.3.18-150300.59.161.1

ocfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base-rebuild: before 5.3.18-150300.59.161.1.150300.18.94.1

reiserfs-kmp-default: before 5.3.18-150300.59.161.1

kernel-syms: before 5.3.18-150300.59.161.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.161.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.161.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base: before 5.3.18-150300.59.161.1.150300.18.94.1

kernel-default-devel: before 5.3.18-150300.59.161.1

kernel-debug-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug-devel: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.161.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug: before 5.3.18-150300.59.161.1

kernel-kvmsmall: before 5.3.18-150300.59.161.1

kernel-source: before 5.3.18-150300.59.161.1

kernel-source-vanilla: before 5.3.18-150300.59.161.1

kernel-devel: before 5.3.18-150300.59.161.1

kernel-docs-html: before 5.3.18-150300.59.161.2

kernel-macros: before 5.3.18-150300.59.161.1

kernel-docs: before 5.3.18-150300.59.161.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241642-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Resource management error

EUVDB-ID: #VU89258

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47113

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources within the btrfs_rename_exchange() function in fs/btrfs/inode.c. A local user can corrupt the filesystem and perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.161.1

dtb-marvell: before 5.3.18-150300.59.161.1

dtb-exynos: before 5.3.18-150300.59.161.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-mediatek: before 5.3.18-150300.59.161.1

dtb-apm: before 5.3.18-150300.59.161.1

dtb-broadcom: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-renesas: before 5.3.18-150300.59.161.1

kernel-64kb-devel: before 5.3.18-150300.59.161.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-amlogic: before 5.3.18-150300.59.161.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-64kb-extra: before 5.3.18-150300.59.161.1

dtb-rockchip: before 5.3.18-150300.59.161.1

dtb-sprd: before 5.3.18-150300.59.161.1

dtb-cavium: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-debugsource: before 5.3.18-150300.59.161.1

dtb-allwinner: before 5.3.18-150300.59.161.1

dtb-freescale: before 5.3.18-150300.59.161.1

dtb-zte: before 5.3.18-150300.59.161.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.161.1

dtb-xilinx: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.161.1

dtb-hisilicon: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-al: before 5.3.18-150300.59.161.1

dtb-lg: before 5.3.18-150300.59.161.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-qcom: before 5.3.18-150300.59.161.1

dtb-arm: before 5.3.18-150300.59.161.1

dtb-altera: before 5.3.18-150300.59.161.1

dtb-amd: before 5.3.18-150300.59.161.1

dtb-socionext: before 5.3.18-150300.59.161.1

dtb-nvidia: before 5.3.18-150300.59.161.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dlm-kmp-64kb: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-optional: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-aarch64: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.161.1

kernel-zfcpdump: before 5.3.18-150300.59.161.1

kernel-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-debugsource: before 5.3.18-150300.59.161.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional: before 5.3.18-150300.59.161.1

kernel-preempt-devel: before 5.3.18-150300.59.161.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_44-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.161.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-obs-qa: before 5.3.18-150300.59.161.1

kernel-obs-build: before 5.3.18-150300.59.161.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-default: before 5.3.18-150300.59.161.1

dlm-kmp-default: before 5.3.18-150300.59.161.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-livepatch: before 5.3.18-150300.59.161.1

kernel-default-extra: before 5.3.18-150300.59.161.1

kernel-default-optional: before 5.3.18-150300.59.161.1

kernel-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-default: before 5.3.18-150300.59.161.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-debugsource: before 5.3.18-150300.59.161.1

ocfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base-rebuild: before 5.3.18-150300.59.161.1.150300.18.94.1

reiserfs-kmp-default: before 5.3.18-150300.59.161.1

kernel-syms: before 5.3.18-150300.59.161.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.161.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.161.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base: before 5.3.18-150300.59.161.1.150300.18.94.1

kernel-default-devel: before 5.3.18-150300.59.161.1

kernel-debug-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug-devel: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.161.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug: before 5.3.18-150300.59.161.1

kernel-kvmsmall: before 5.3.18-150300.59.161.1

kernel-source: before 5.3.18-150300.59.161.1

kernel-source-vanilla: before 5.3.18-150300.59.161.1

kernel-devel: before 5.3.18-150300.59.161.1

kernel-docs-html: before 5.3.18-150300.59.161.2

kernel-macros: before 5.3.18-150300.59.161.1

kernel-docs: before 5.3.18-150300.59.161.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241642-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Use-after-free

EUVDB-ID: #VU90223

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47131

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the tls_ctx_create() function in net/tls/tls_main.c, within the tls_validate_xmit_skb() function in net/tls/tls_device_fallback.c, within the tls_device_gc_task(), tls_device_rx_resync_new_rec(), tls_device_decrypted() and tls_device_down() functions in net/tls/tls_device.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.161.1

dtb-marvell: before 5.3.18-150300.59.161.1

dtb-exynos: before 5.3.18-150300.59.161.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-mediatek: before 5.3.18-150300.59.161.1

dtb-apm: before 5.3.18-150300.59.161.1

dtb-broadcom: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-renesas: before 5.3.18-150300.59.161.1

kernel-64kb-devel: before 5.3.18-150300.59.161.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-amlogic: before 5.3.18-150300.59.161.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-64kb-extra: before 5.3.18-150300.59.161.1

dtb-rockchip: before 5.3.18-150300.59.161.1

dtb-sprd: before 5.3.18-150300.59.161.1

dtb-cavium: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-debugsource: before 5.3.18-150300.59.161.1

dtb-allwinner: before 5.3.18-150300.59.161.1

dtb-freescale: before 5.3.18-150300.59.161.1

dtb-zte: before 5.3.18-150300.59.161.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.161.1

dtb-xilinx: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.161.1

dtb-hisilicon: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-al: before 5.3.18-150300.59.161.1

dtb-lg: before 5.3.18-150300.59.161.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-qcom: before 5.3.18-150300.59.161.1

dtb-arm: before 5.3.18-150300.59.161.1

dtb-altera: before 5.3.18-150300.59.161.1

dtb-amd: before 5.3.18-150300.59.161.1

dtb-socionext: before 5.3.18-150300.59.161.1

dtb-nvidia: before 5.3.18-150300.59.161.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dlm-kmp-64kb: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-optional: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-aarch64: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.161.1

kernel-zfcpdump: before 5.3.18-150300.59.161.1

kernel-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-debugsource: before 5.3.18-150300.59.161.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional: before 5.3.18-150300.59.161.1

kernel-preempt-devel: before 5.3.18-150300.59.161.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_44-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.161.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-obs-qa: before 5.3.18-150300.59.161.1

kernel-obs-build: before 5.3.18-150300.59.161.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-default: before 5.3.18-150300.59.161.1

dlm-kmp-default: before 5.3.18-150300.59.161.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-livepatch: before 5.3.18-150300.59.161.1

kernel-default-extra: before 5.3.18-150300.59.161.1

kernel-default-optional: before 5.3.18-150300.59.161.1

kernel-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-default: before 5.3.18-150300.59.161.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-debugsource: before 5.3.18-150300.59.161.1

ocfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base-rebuild: before 5.3.18-150300.59.161.1.150300.18.94.1

reiserfs-kmp-default: before 5.3.18-150300.59.161.1

kernel-syms: before 5.3.18-150300.59.161.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.161.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.161.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base: before 5.3.18-150300.59.161.1.150300.18.94.1

kernel-default-devel: before 5.3.18-150300.59.161.1

kernel-debug-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug-devel: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.161.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug: before 5.3.18-150300.59.161.1

kernel-kvmsmall: before 5.3.18-150300.59.161.1

kernel-source: before 5.3.18-150300.59.161.1

kernel-source-vanilla: before 5.3.18-150300.59.161.1

kernel-devel: before 5.3.18-150300.59.161.1

kernel-docs-html: before 5.3.18-150300.59.161.2

kernel-macros: before 5.3.18-150300.59.161.1

kernel-docs: before 5.3.18-150300.59.161.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241642-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) NULL pointer dereference

EUVDB-ID: #VU90587

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47184

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the i40e_sync_filters_subtask() and i40e_vsi_release() functions in drivers/net/ethernet/intel/i40e/i40e_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.161.1

dtb-marvell: before 5.3.18-150300.59.161.1

dtb-exynos: before 5.3.18-150300.59.161.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-mediatek: before 5.3.18-150300.59.161.1

dtb-apm: before 5.3.18-150300.59.161.1

dtb-broadcom: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-renesas: before 5.3.18-150300.59.161.1

kernel-64kb-devel: before 5.3.18-150300.59.161.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-amlogic: before 5.3.18-150300.59.161.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-64kb-extra: before 5.3.18-150300.59.161.1

dtb-rockchip: before 5.3.18-150300.59.161.1

dtb-sprd: before 5.3.18-150300.59.161.1

dtb-cavium: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-debugsource: before 5.3.18-150300.59.161.1

dtb-allwinner: before 5.3.18-150300.59.161.1

dtb-freescale: before 5.3.18-150300.59.161.1

dtb-zte: before 5.3.18-150300.59.161.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.161.1

dtb-xilinx: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.161.1

dtb-hisilicon: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-al: before 5.3.18-150300.59.161.1

dtb-lg: before 5.3.18-150300.59.161.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-qcom: before 5.3.18-150300.59.161.1

dtb-arm: before 5.3.18-150300.59.161.1

dtb-altera: before 5.3.18-150300.59.161.1

dtb-amd: before 5.3.18-150300.59.161.1

dtb-socionext: before 5.3.18-150300.59.161.1

dtb-nvidia: before 5.3.18-150300.59.161.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dlm-kmp-64kb: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-optional: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-aarch64: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.161.1

kernel-zfcpdump: before 5.3.18-150300.59.161.1

kernel-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-debugsource: before 5.3.18-150300.59.161.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional: before 5.3.18-150300.59.161.1

kernel-preempt-devel: before 5.3.18-150300.59.161.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_44-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.161.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-obs-qa: before 5.3.18-150300.59.161.1

kernel-obs-build: before 5.3.18-150300.59.161.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-default: before 5.3.18-150300.59.161.1

dlm-kmp-default: before 5.3.18-150300.59.161.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-livepatch: before 5.3.18-150300.59.161.1

kernel-default-extra: before 5.3.18-150300.59.161.1

kernel-default-optional: before 5.3.18-150300.59.161.1

kernel-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-default: before 5.3.18-150300.59.161.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-debugsource: before 5.3.18-150300.59.161.1

ocfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base-rebuild: before 5.3.18-150300.59.161.1.150300.18.94.1

reiserfs-kmp-default: before 5.3.18-150300.59.161.1

kernel-syms: before 5.3.18-150300.59.161.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.161.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.161.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base: before 5.3.18-150300.59.161.1.150300.18.94.1

kernel-default-devel: before 5.3.18-150300.59.161.1

kernel-debug-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug-devel: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.161.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug: before 5.3.18-150300.59.161.1

kernel-kvmsmall: before 5.3.18-150300.59.161.1

kernel-source: before 5.3.18-150300.59.161.1

kernel-source-vanilla: before 5.3.18-150300.59.161.1

kernel-devel: before 5.3.18-150300.59.161.1

kernel-docs-html: before 5.3.18-150300.59.161.2

kernel-macros: before 5.3.18-150300.59.161.1

kernel-docs: before 5.3.18-150300.59.161.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241642-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Improper locking

EUVDB-ID: #VU91528

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47185

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the flush_to_ldisc() function in drivers/tty/tty_buffer.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.161.1

dtb-marvell: before 5.3.18-150300.59.161.1

dtb-exynos: before 5.3.18-150300.59.161.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-mediatek: before 5.3.18-150300.59.161.1

dtb-apm: before 5.3.18-150300.59.161.1

dtb-broadcom: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-renesas: before 5.3.18-150300.59.161.1

kernel-64kb-devel: before 5.3.18-150300.59.161.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-amlogic: before 5.3.18-150300.59.161.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-64kb-extra: before 5.3.18-150300.59.161.1

dtb-rockchip: before 5.3.18-150300.59.161.1

dtb-sprd: before 5.3.18-150300.59.161.1

dtb-cavium: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-debugsource: before 5.3.18-150300.59.161.1

dtb-allwinner: before 5.3.18-150300.59.161.1

dtb-freescale: before 5.3.18-150300.59.161.1

dtb-zte: before 5.3.18-150300.59.161.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.161.1

dtb-xilinx: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.161.1

dtb-hisilicon: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-al: before 5.3.18-150300.59.161.1

dtb-lg: before 5.3.18-150300.59.161.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-qcom: before 5.3.18-150300.59.161.1

dtb-arm: before 5.3.18-150300.59.161.1

dtb-altera: before 5.3.18-150300.59.161.1

dtb-amd: before 5.3.18-150300.59.161.1

dtb-socionext: before 5.3.18-150300.59.161.1

dtb-nvidia: before 5.3.18-150300.59.161.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dlm-kmp-64kb: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-optional: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-aarch64: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.161.1

kernel-zfcpdump: before 5.3.18-150300.59.161.1

kernel-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-debugsource: before 5.3.18-150300.59.161.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional: before 5.3.18-150300.59.161.1

kernel-preempt-devel: before 5.3.18-150300.59.161.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_44-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.161.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-obs-qa: before 5.3.18-150300.59.161.1

kernel-obs-build: before 5.3.18-150300.59.161.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-default: before 5.3.18-150300.59.161.1

dlm-kmp-default: before 5.3.18-150300.59.161.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-livepatch: before 5.3.18-150300.59.161.1

kernel-default-extra: before 5.3.18-150300.59.161.1

kernel-default-optional: before 5.3.18-150300.59.161.1

kernel-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-default: before 5.3.18-150300.59.161.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-debugsource: before 5.3.18-150300.59.161.1

ocfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base-rebuild: before 5.3.18-150300.59.161.1.150300.18.94.1

reiserfs-kmp-default: before 5.3.18-150300.59.161.1

kernel-syms: before 5.3.18-150300.59.161.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.161.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.161.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base: before 5.3.18-150300.59.161.1.150300.18.94.1

kernel-default-devel: before 5.3.18-150300.59.161.1

kernel-debug-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug-devel: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.161.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug: before 5.3.18-150300.59.161.1

kernel-kvmsmall: before 5.3.18-150300.59.161.1

kernel-source: before 5.3.18-150300.59.161.1

kernel-source-vanilla: before 5.3.18-150300.59.161.1

kernel-devel: before 5.3.18-150300.59.161.1

kernel-docs-html: before 5.3.18-150300.59.161.2

kernel-macros: before 5.3.18-150300.59.161.1

kernel-docs: before 5.3.18-150300.59.161.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241642-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Improper initialization

EUVDB-ID: #VU92392

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47194

CWE-ID: CWE-665 - Improper Initialization

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to improper initialization error within the cfg80211_change_iface() function in net/wireless/util.c. A local user can execute arbitrary code.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.161.1

dtb-marvell: before 5.3.18-150300.59.161.1

dtb-exynos: before 5.3.18-150300.59.161.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-mediatek: before 5.3.18-150300.59.161.1

dtb-apm: before 5.3.18-150300.59.161.1

dtb-broadcom: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-renesas: before 5.3.18-150300.59.161.1

kernel-64kb-devel: before 5.3.18-150300.59.161.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-amlogic: before 5.3.18-150300.59.161.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-64kb-extra: before 5.3.18-150300.59.161.1

dtb-rockchip: before 5.3.18-150300.59.161.1

dtb-sprd: before 5.3.18-150300.59.161.1

dtb-cavium: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-debugsource: before 5.3.18-150300.59.161.1

dtb-allwinner: before 5.3.18-150300.59.161.1

dtb-freescale: before 5.3.18-150300.59.161.1

dtb-zte: before 5.3.18-150300.59.161.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.161.1

dtb-xilinx: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.161.1

dtb-hisilicon: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-al: before 5.3.18-150300.59.161.1

dtb-lg: before 5.3.18-150300.59.161.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-qcom: before 5.3.18-150300.59.161.1

dtb-arm: before 5.3.18-150300.59.161.1

dtb-altera: before 5.3.18-150300.59.161.1

dtb-amd: before 5.3.18-150300.59.161.1

dtb-socionext: before 5.3.18-150300.59.161.1

dtb-nvidia: before 5.3.18-150300.59.161.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dlm-kmp-64kb: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-optional: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-aarch64: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.161.1

kernel-zfcpdump: before 5.3.18-150300.59.161.1

kernel-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-debugsource: before 5.3.18-150300.59.161.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional: before 5.3.18-150300.59.161.1

kernel-preempt-devel: before 5.3.18-150300.59.161.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_44-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.161.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-obs-qa: before 5.3.18-150300.59.161.1

kernel-obs-build: before 5.3.18-150300.59.161.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-default: before 5.3.18-150300.59.161.1

dlm-kmp-default: before 5.3.18-150300.59.161.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-livepatch: before 5.3.18-150300.59.161.1

kernel-default-extra: before 5.3.18-150300.59.161.1

kernel-default-optional: before 5.3.18-150300.59.161.1

kernel-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-default: before 5.3.18-150300.59.161.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-debugsource: before 5.3.18-150300.59.161.1

ocfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base-rebuild: before 5.3.18-150300.59.161.1.150300.18.94.1

reiserfs-kmp-default: before 5.3.18-150300.59.161.1

kernel-syms: before 5.3.18-150300.59.161.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.161.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.161.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base: before 5.3.18-150300.59.161.1.150300.18.94.1

kernel-default-devel: before 5.3.18-150300.59.161.1

kernel-debug-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug-devel: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.161.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug: before 5.3.18-150300.59.161.1

kernel-kvmsmall: before 5.3.18-150300.59.161.1

kernel-source: before 5.3.18-150300.59.161.1

kernel-source-vanilla: before 5.3.18-150300.59.161.1

kernel-devel: before 5.3.18-150300.59.161.1

kernel-docs-html: before 5.3.18-150300.59.161.2

kernel-macros: before 5.3.18-150300.59.161.1

kernel-docs: before 5.3.18-150300.59.161.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241642-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Use-after-free

EUVDB-ID: #VU90208

Risk: Low

CVSSv3.1: 6.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47198

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the lpfc_mbx_cmpl_fc_reg_login() function in drivers/scsi/lpfc/lpfc_hbadisc.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.161.1

dtb-marvell: before 5.3.18-150300.59.161.1

dtb-exynos: before 5.3.18-150300.59.161.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-mediatek: before 5.3.18-150300.59.161.1

dtb-apm: before 5.3.18-150300.59.161.1

dtb-broadcom: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-renesas: before 5.3.18-150300.59.161.1

kernel-64kb-devel: before 5.3.18-150300.59.161.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-amlogic: before 5.3.18-150300.59.161.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-64kb-extra: before 5.3.18-150300.59.161.1

dtb-rockchip: before 5.3.18-150300.59.161.1

dtb-sprd: before 5.3.18-150300.59.161.1

dtb-cavium: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-debugsource: before 5.3.18-150300.59.161.1

dtb-allwinner: before 5.3.18-150300.59.161.1

dtb-freescale: before 5.3.18-150300.59.161.1

dtb-zte: before 5.3.18-150300.59.161.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.161.1

dtb-xilinx: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.161.1

dtb-hisilicon: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-al: before 5.3.18-150300.59.161.1

dtb-lg: before 5.3.18-150300.59.161.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-qcom: before 5.3.18-150300.59.161.1

dtb-arm: before 5.3.18-150300.59.161.1

dtb-altera: before 5.3.18-150300.59.161.1

dtb-amd: before 5.3.18-150300.59.161.1

dtb-socionext: before 5.3.18-150300.59.161.1

dtb-nvidia: before 5.3.18-150300.59.161.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dlm-kmp-64kb: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-optional: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-aarch64: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.161.1

kernel-zfcpdump: before 5.3.18-150300.59.161.1

kernel-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-debugsource: before 5.3.18-150300.59.161.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional: before 5.3.18-150300.59.161.1

kernel-preempt-devel: before 5.3.18-150300.59.161.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_44-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.161.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-obs-qa: before 5.3.18-150300.59.161.1

kernel-obs-build: before 5.3.18-150300.59.161.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-default: before 5.3.18-150300.59.161.1

dlm-kmp-default: before 5.3.18-150300.59.161.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-livepatch: before 5.3.18-150300.59.161.1

kernel-default-extra: before 5.3.18-150300.59.161.1

kernel-default-optional: before 5.3.18-150300.59.161.1

kernel-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-default: before 5.3.18-150300.59.161.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-debugsource: before 5.3.18-150300.59.161.1

ocfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base-rebuild: before 5.3.18-150300.59.161.1.150300.18.94.1

reiserfs-kmp-default: before 5.3.18-150300.59.161.1

kernel-syms: before 5.3.18-150300.59.161.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.161.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.161.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base: before 5.3.18-150300.59.161.1.150300.18.94.1

kernel-default-devel: before 5.3.18-150300.59.161.1

kernel-debug-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug-devel: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.161.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug: before 5.3.18-150300.59.161.1

kernel-kvmsmall: before 5.3.18-150300.59.161.1

kernel-source: before 5.3.18-150300.59.161.1

kernel-source-vanilla: before 5.3.18-150300.59.161.1

kernel-devel: before 5.3.18-150300.59.161.1

kernel-docs-html: before 5.3.18-150300.59.161.2

kernel-macros: before 5.3.18-150300.59.161.1

kernel-docs: before 5.3.18-150300.59.161.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241642-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Resource management error

EUVDB-ID: #VU92971

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47201

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the iavf_disable_vf() function in drivers/net/ethernet/intel/iavf/iavf_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.161.1

dtb-marvell: before 5.3.18-150300.59.161.1

dtb-exynos: before 5.3.18-150300.59.161.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-mediatek: before 5.3.18-150300.59.161.1

dtb-apm: before 5.3.18-150300.59.161.1

dtb-broadcom: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-renesas: before 5.3.18-150300.59.161.1

kernel-64kb-devel: before 5.3.18-150300.59.161.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-amlogic: before 5.3.18-150300.59.161.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-64kb-extra: before 5.3.18-150300.59.161.1

dtb-rockchip: before 5.3.18-150300.59.161.1

dtb-sprd: before 5.3.18-150300.59.161.1

dtb-cavium: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-debugsource: before 5.3.18-150300.59.161.1

dtb-allwinner: before 5.3.18-150300.59.161.1

dtb-freescale: before 5.3.18-150300.59.161.1

dtb-zte: before 5.3.18-150300.59.161.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.161.1

dtb-xilinx: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.161.1

dtb-hisilicon: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-al: before 5.3.18-150300.59.161.1

dtb-lg: before 5.3.18-150300.59.161.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-qcom: before 5.3.18-150300.59.161.1

dtb-arm: before 5.3.18-150300.59.161.1

dtb-altera: before 5.3.18-150300.59.161.1

dtb-amd: before 5.3.18-150300.59.161.1

dtb-socionext: before 5.3.18-150300.59.161.1

dtb-nvidia: before 5.3.18-150300.59.161.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dlm-kmp-64kb: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-optional: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-aarch64: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.161.1

kernel-zfcpdump: before 5.3.18-150300.59.161.1

kernel-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-debugsource: before 5.3.18-150300.59.161.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional: before 5.3.18-150300.59.161.1

kernel-preempt-devel: before 5.3.18-150300.59.161.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_44-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.161.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-obs-qa: before 5.3.18-150300.59.161.1

kernel-obs-build: before 5.3.18-150300.59.161.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-default: before 5.3.18-150300.59.161.1

dlm-kmp-default: before 5.3.18-150300.59.161.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-livepatch: before 5.3.18-150300.59.161.1

kernel-default-extra: before 5.3.18-150300.59.161.1

kernel-default-optional: before 5.3.18-150300.59.161.1

kernel-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-default: before 5.3.18-150300.59.161.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-debugsource: before 5.3.18-150300.59.161.1

ocfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base-rebuild: before 5.3.18-150300.59.161.1.150300.18.94.1

reiserfs-kmp-default: before 5.3.18-150300.59.161.1

kernel-syms: before 5.3.18-150300.59.161.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.161.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.161.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base: before 5.3.18-150300.59.161.1.150300.18.94.1

kernel-default-devel: before 5.3.18-150300.59.161.1

kernel-debug-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug-devel: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.161.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug: before 5.3.18-150300.59.161.1

kernel-kvmsmall: before 5.3.18-150300.59.161.1

kernel-source: before 5.3.18-150300.59.161.1

kernel-source-vanilla: before 5.3.18-150300.59.161.1

kernel-devel: before 5.3.18-150300.59.161.1

kernel-docs-html: before 5.3.18-150300.59.161.2

kernel-macros: before 5.3.18-150300.59.161.1

kernel-docs: before 5.3.18-150300.59.161.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241642-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) NULL pointer dereference

EUVDB-ID: #VU90582

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47202

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the of_thermal_get_temp(), of_thermal_set_emul_temp(), of_thermal_get_trend() and of_thermal_set_trip_temp() functions in drivers/thermal/of-thermal.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.161.1

dtb-marvell: before 5.3.18-150300.59.161.1

dtb-exynos: before 5.3.18-150300.59.161.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-mediatek: before 5.3.18-150300.59.161.1

dtb-apm: before 5.3.18-150300.59.161.1

dtb-broadcom: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-renesas: before 5.3.18-150300.59.161.1

kernel-64kb-devel: before 5.3.18-150300.59.161.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-amlogic: before 5.3.18-150300.59.161.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-64kb-extra: before 5.3.18-150300.59.161.1

dtb-rockchip: before 5.3.18-150300.59.161.1

dtb-sprd: before 5.3.18-150300.59.161.1

dtb-cavium: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-debugsource: before 5.3.18-150300.59.161.1

dtb-allwinner: before 5.3.18-150300.59.161.1

dtb-freescale: before 5.3.18-150300.59.161.1

dtb-zte: before 5.3.18-150300.59.161.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.161.1

dtb-xilinx: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.161.1

dtb-hisilicon: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-al: before 5.3.18-150300.59.161.1

dtb-lg: before 5.3.18-150300.59.161.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-qcom: before 5.3.18-150300.59.161.1

dtb-arm: before 5.3.18-150300.59.161.1

dtb-altera: before 5.3.18-150300.59.161.1

dtb-amd: before 5.3.18-150300.59.161.1

dtb-socionext: before 5.3.18-150300.59.161.1

dtb-nvidia: before 5.3.18-150300.59.161.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dlm-kmp-64kb: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-optional: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-aarch64: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.161.1

kernel-zfcpdump: before 5.3.18-150300.59.161.1

kernel-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-debugsource: before 5.3.18-150300.59.161.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional: before 5.3.18-150300.59.161.1

kernel-preempt-devel: before 5.3.18-150300.59.161.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_44-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.161.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-obs-qa: before 5.3.18-150300.59.161.1

kernel-obs-build: before 5.3.18-150300.59.161.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-default: before 5.3.18-150300.59.161.1

dlm-kmp-default: before 5.3.18-150300.59.161.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-livepatch: before 5.3.18-150300.59.161.1

kernel-default-extra: before 5.3.18-150300.59.161.1

kernel-default-optional: before 5.3.18-150300.59.161.1

kernel-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-default: before 5.3.18-150300.59.161.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-debugsource: before 5.3.18-150300.59.161.1

ocfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base-rebuild: before 5.3.18-150300.59.161.1.150300.18.94.1

reiserfs-kmp-default: before 5.3.18-150300.59.161.1

kernel-syms: before 5.3.18-150300.59.161.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.161.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.161.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base: before 5.3.18-150300.59.161.1.150300.18.94.1

kernel-default-devel: before 5.3.18-150300.59.161.1

kernel-debug-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug-devel: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.161.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug: before 5.3.18-150300.59.161.1

kernel-kvmsmall: before 5.3.18-150300.59.161.1

kernel-source: before 5.3.18-150300.59.161.1

kernel-source-vanilla: before 5.3.18-150300.59.161.1

kernel-devel: before 5.3.18-150300.59.161.1

kernel-docs-html: before 5.3.18-150300.59.161.2

kernel-macros: before 5.3.18-150300.59.161.1

kernel-docs: before 5.3.18-150300.59.161.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241642-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Buffer overflow

EUVDB-ID: #VU93156

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47203

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the lpfc_drain_txq() function in drivers/scsi/lpfc/lpfc_sli.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.161.1

dtb-marvell: before 5.3.18-150300.59.161.1

dtb-exynos: before 5.3.18-150300.59.161.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-mediatek: before 5.3.18-150300.59.161.1

dtb-apm: before 5.3.18-150300.59.161.1

dtb-broadcom: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-renesas: before 5.3.18-150300.59.161.1

kernel-64kb-devel: before 5.3.18-150300.59.161.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-amlogic: before 5.3.18-150300.59.161.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-64kb-extra: before 5.3.18-150300.59.161.1

dtb-rockchip: before 5.3.18-150300.59.161.1

dtb-sprd: before 5.3.18-150300.59.161.1

dtb-cavium: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-debugsource: before 5.3.18-150300.59.161.1

dtb-allwinner: before 5.3.18-150300.59.161.1

dtb-freescale: before 5.3.18-150300.59.161.1

dtb-zte: before 5.3.18-150300.59.161.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.161.1

dtb-xilinx: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.161.1

dtb-hisilicon: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-al: before 5.3.18-150300.59.161.1

dtb-lg: before 5.3.18-150300.59.161.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-qcom: before 5.3.18-150300.59.161.1

dtb-arm: before 5.3.18-150300.59.161.1

dtb-altera: before 5.3.18-150300.59.161.1

dtb-amd: before 5.3.18-150300.59.161.1

dtb-socionext: before 5.3.18-150300.59.161.1

dtb-nvidia: before 5.3.18-150300.59.161.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dlm-kmp-64kb: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-optional: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-aarch64: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.161.1

kernel-zfcpdump: before 5.3.18-150300.59.161.1

kernel-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-debugsource: before 5.3.18-150300.59.161.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional: before 5.3.18-150300.59.161.1

kernel-preempt-devel: before 5.3.18-150300.59.161.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_44-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.161.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-obs-qa: before 5.3.18-150300.59.161.1

kernel-obs-build: before 5.3.18-150300.59.161.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-default: before 5.3.18-150300.59.161.1

dlm-kmp-default: before 5.3.18-150300.59.161.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-livepatch: before 5.3.18-150300.59.161.1

kernel-default-extra: before 5.3.18-150300.59.161.1

kernel-default-optional: before 5.3.18-150300.59.161.1

kernel-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-default: before 5.3.18-150300.59.161.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-debugsource: before 5.3.18-150300.59.161.1

ocfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base-rebuild: before 5.3.18-150300.59.161.1.150300.18.94.1

reiserfs-kmp-default: before 5.3.18-150300.59.161.1

kernel-syms: before 5.3.18-150300.59.161.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.161.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.161.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base: before 5.3.18-150300.59.161.1.150300.18.94.1

kernel-default-devel: before 5.3.18-150300.59.161.1

kernel-debug-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug-devel: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.161.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug: before 5.3.18-150300.59.161.1

kernel-kvmsmall: before 5.3.18-150300.59.161.1

kernel-source: before 5.3.18-150300.59.161.1

kernel-source-vanilla: before 5.3.18-150300.59.161.1

kernel-devel: before 5.3.18-150300.59.161.1

kernel-docs-html: before 5.3.18-150300.59.161.2

kernel-macros: before 5.3.18-150300.59.161.1

kernel-docs: before 5.3.18-150300.59.161.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241642-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) NULL pointer dereference

EUVDB-ID: #VU92072

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47206

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the ohci_hcd_tmio_drv_probe() function in drivers/usb/host/ohci-tmio.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.161.1

dtb-marvell: before 5.3.18-150300.59.161.1

dtb-exynos: before 5.3.18-150300.59.161.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-mediatek: before 5.3.18-150300.59.161.1

dtb-apm: before 5.3.18-150300.59.161.1

dtb-broadcom: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-renesas: before 5.3.18-150300.59.161.1

kernel-64kb-devel: before 5.3.18-150300.59.161.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-amlogic: before 5.3.18-150300.59.161.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-64kb-extra: before 5.3.18-150300.59.161.1

dtb-rockchip: before 5.3.18-150300.59.161.1

dtb-sprd: before 5.3.18-150300.59.161.1

dtb-cavium: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-debugsource: before 5.3.18-150300.59.161.1

dtb-allwinner: before 5.3.18-150300.59.161.1

dtb-freescale: before 5.3.18-150300.59.161.1

dtb-zte: before 5.3.18-150300.59.161.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.161.1

dtb-xilinx: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.161.1

dtb-hisilicon: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-al: before 5.3.18-150300.59.161.1

dtb-lg: before 5.3.18-150300.59.161.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-qcom: before 5.3.18-150300.59.161.1

dtb-arm: before 5.3.18-150300.59.161.1

dtb-altera: before 5.3.18-150300.59.161.1

dtb-amd: before 5.3.18-150300.59.161.1

dtb-socionext: before 5.3.18-150300.59.161.1

dtb-nvidia: before 5.3.18-150300.59.161.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dlm-kmp-64kb: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-optional: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-aarch64: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.161.1

kernel-zfcpdump: before 5.3.18-150300.59.161.1

kernel-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-debugsource: before 5.3.18-150300.59.161.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional: before 5.3.18-150300.59.161.1

kernel-preempt-devel: before 5.3.18-150300.59.161.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_44-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.161.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-obs-qa: before 5.3.18-150300.59.161.1

kernel-obs-build: before 5.3.18-150300.59.161.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-default: before 5.3.18-150300.59.161.1

dlm-kmp-default: before 5.3.18-150300.59.161.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-livepatch: before 5.3.18-150300.59.161.1

kernel-default-extra: before 5.3.18-150300.59.161.1

kernel-default-optional: before 5.3.18-150300.59.161.1

kernel-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-default: before 5.3.18-150300.59.161.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-debugsource: before 5.3.18-150300.59.161.1

ocfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base-rebuild: before 5.3.18-150300.59.161.1.150300.18.94.1

reiserfs-kmp-default: before 5.3.18-150300.59.161.1

kernel-syms: before 5.3.18-150300.59.161.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.161.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.161.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base: before 5.3.18-150300.59.161.1.150300.18.94.1

kernel-default-devel: before 5.3.18-150300.59.161.1

kernel-debug-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug-devel: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.161.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug: before 5.3.18-150300.59.161.1

kernel-kvmsmall: before 5.3.18-150300.59.161.1

kernel-source: before 5.3.18-150300.59.161.1

kernel-source-vanilla: before 5.3.18-150300.59.161.1

kernel-devel: before 5.3.18-150300.59.161.1

kernel-docs-html: before 5.3.18-150300.59.161.2

kernel-macros: before 5.3.18-150300.59.161.1

kernel-docs: before 5.3.18-150300.59.161.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241642-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) NULL pointer dereference

EUVDB-ID: #VU90583

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47207

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the snd_gf1_dma_interrupt() function in sound/isa/gus/gus_dma.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.161.1

dtb-marvell: before 5.3.18-150300.59.161.1

dtb-exynos: before 5.3.18-150300.59.161.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-mediatek: before 5.3.18-150300.59.161.1

dtb-apm: before 5.3.18-150300.59.161.1

dtb-broadcom: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-renesas: before 5.3.18-150300.59.161.1

kernel-64kb-devel: before 5.3.18-150300.59.161.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-amlogic: before 5.3.18-150300.59.161.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-64kb-extra: before 5.3.18-150300.59.161.1

dtb-rockchip: before 5.3.18-150300.59.161.1

dtb-sprd: before 5.3.18-150300.59.161.1

dtb-cavium: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-debugsource: before 5.3.18-150300.59.161.1

dtb-allwinner: before 5.3.18-150300.59.161.1

dtb-freescale: before 5.3.18-150300.59.161.1

dtb-zte: before 5.3.18-150300.59.161.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.161.1

dtb-xilinx: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.161.1

dtb-hisilicon: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-al: before 5.3.18-150300.59.161.1

dtb-lg: before 5.3.18-150300.59.161.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-qcom: before 5.3.18-150300.59.161.1

dtb-arm: before 5.3.18-150300.59.161.1

dtb-altera: before 5.3.18-150300.59.161.1

dtb-amd: before 5.3.18-150300.59.161.1

dtb-socionext: before 5.3.18-150300.59.161.1

dtb-nvidia: before 5.3.18-150300.59.161.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dlm-kmp-64kb: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-optional: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-aarch64: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.161.1

kernel-zfcpdump: before 5.3.18-150300.59.161.1

kernel-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-debugsource: before 5.3.18-150300.59.161.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional: before 5.3.18-150300.59.161.1

kernel-preempt-devel: before 5.3.18-150300.59.161.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_44-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.161.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-obs-qa: before 5.3.18-150300.59.161.1

kernel-obs-build: before 5.3.18-150300.59.161.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-default: before 5.3.18-150300.59.161.1

dlm-kmp-default: before 5.3.18-150300.59.161.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-livepatch: before 5.3.18-150300.59.161.1

kernel-default-extra: before 5.3.18-150300.59.161.1

kernel-default-optional: before 5.3.18-150300.59.161.1

kernel-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-default: before 5.3.18-150300.59.161.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-debugsource: before 5.3.18-150300.59.161.1

ocfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base-rebuild: before 5.3.18-150300.59.161.1.150300.18.94.1

reiserfs-kmp-default: before 5.3.18-150300.59.161.1

kernel-syms: before 5.3.18-150300.59.161.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.161.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.161.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base: before 5.3.18-150300.59.161.1.150300.18.94.1

kernel-default-devel: before 5.3.18-150300.59.161.1

kernel-debug-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug-devel: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.161.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug: before 5.3.18-150300.59.161.1

kernel-kvmsmall: before 5.3.18-150300.59.161.1

kernel-source: before 5.3.18-150300.59.161.1

kernel-source-vanilla: before 5.3.18-150300.59.161.1

kernel-devel: before 5.3.18-150300.59.161.1

kernel-docs-html: before 5.3.18-150300.59.161.2

kernel-macros: before 5.3.18-150300.59.161.1

kernel-docs: before 5.3.18-150300.59.161.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241642-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Error Handling

EUVDB-ID: #VU89241

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47212

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to incorrect error handling within the mlx5_internal_err_ret_value() function in drivers/net/ethernet/mellanox/mlx5/core/cmd.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.161.1

dtb-marvell: before 5.3.18-150300.59.161.1

dtb-exynos: before 5.3.18-150300.59.161.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-mediatek: before 5.3.18-150300.59.161.1

dtb-apm: before 5.3.18-150300.59.161.1

dtb-broadcom: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-renesas: before 5.3.18-150300.59.161.1

kernel-64kb-devel: before 5.3.18-150300.59.161.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-amlogic: before 5.3.18-150300.59.161.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-64kb-extra: before 5.3.18-150300.59.161.1

dtb-rockchip: before 5.3.18-150300.59.161.1

dtb-sprd: before 5.3.18-150300.59.161.1

dtb-cavium: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-debugsource: before 5.3.18-150300.59.161.1

dtb-allwinner: before 5.3.18-150300.59.161.1

dtb-freescale: before 5.3.18-150300.59.161.1

dtb-zte: before 5.3.18-150300.59.161.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.161.1

dtb-xilinx: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.161.1

dtb-hisilicon: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-al: before 5.3.18-150300.59.161.1

dtb-lg: before 5.3.18-150300.59.161.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-qcom: before 5.3.18-150300.59.161.1

dtb-arm: before 5.3.18-150300.59.161.1

dtb-altera: before 5.3.18-150300.59.161.1

dtb-amd: before 5.3.18-150300.59.161.1

dtb-socionext: before 5.3.18-150300.59.161.1

dtb-nvidia: before 5.3.18-150300.59.161.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dlm-kmp-64kb: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-optional: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-aarch64: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.161.1

kernel-zfcpdump: before 5.3.18-150300.59.161.1

kernel-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-debugsource: before 5.3.18-150300.59.161.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional: before 5.3.18-150300.59.161.1

kernel-preempt-devel: before 5.3.18-150300.59.161.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_44-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.161.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-obs-qa: before 5.3.18-150300.59.161.1

kernel-obs-build: before 5.3.18-150300.59.161.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-default: before 5.3.18-150300.59.161.1

dlm-kmp-default: before 5.3.18-150300.59.161.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-livepatch: before 5.3.18-150300.59.161.1

kernel-default-extra: before 5.3.18-150300.59.161.1

kernel-default-optional: before 5.3.18-150300.59.161.1

kernel-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-default: before 5.3.18-150300.59.161.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-debugsource: before 5.3.18-150300.59.161.1

ocfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base-rebuild: before 5.3.18-150300.59.161.1.150300.18.94.1

reiserfs-kmp-default: before 5.3.18-150300.59.161.1

kernel-syms: before 5.3.18-150300.59.161.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.161.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.161.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base: before 5.3.18-150300.59.161.1.150300.18.94.1

kernel-default-devel: before 5.3.18-150300.59.161.1

kernel-debug-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug-devel: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.161.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug: before 5.3.18-150300.59.161.1

kernel-kvmsmall: before 5.3.18-150300.59.161.1

kernel-source: before 5.3.18-150300.59.161.1

kernel-source-vanilla: before 5.3.18-150300.59.161.1

kernel-devel: before 5.3.18-150300.59.161.1

kernel-docs-html: before 5.3.18-150300.59.161.2

kernel-macros: before 5.3.18-150300.59.161.1

kernel-docs: before 5.3.18-150300.59.161.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241642-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Memory leak

EUVDB-ID: #VU91648

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47216

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the asc_prt_adv_board_info() function in drivers/scsi/advansys.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.161.1

dtb-marvell: before 5.3.18-150300.59.161.1

dtb-exynos: before 5.3.18-150300.59.161.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-mediatek: before 5.3.18-150300.59.161.1

dtb-apm: before 5.3.18-150300.59.161.1

dtb-broadcom: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-renesas: before 5.3.18-150300.59.161.1

kernel-64kb-devel: before 5.3.18-150300.59.161.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-amlogic: before 5.3.18-150300.59.161.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-64kb-extra: before 5.3.18-150300.59.161.1

dtb-rockchip: before 5.3.18-150300.59.161.1

dtb-sprd: before 5.3.18-150300.59.161.1

dtb-cavium: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-debugsource: before 5.3.18-150300.59.161.1

dtb-allwinner: before 5.3.18-150300.59.161.1

dtb-freescale: before 5.3.18-150300.59.161.1

dtb-zte: before 5.3.18-150300.59.161.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.161.1

dtb-xilinx: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.161.1

dtb-hisilicon: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-al: before 5.3.18-150300.59.161.1

dtb-lg: before 5.3.18-150300.59.161.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-qcom: before 5.3.18-150300.59.161.1

dtb-arm: before 5.3.18-150300.59.161.1

dtb-altera: before 5.3.18-150300.59.161.1

dtb-amd: before 5.3.18-150300.59.161.1

dtb-socionext: before 5.3.18-150300.59.161.1

dtb-nvidia: before 5.3.18-150300.59.161.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dlm-kmp-64kb: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-optional: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-aarch64: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.161.1

kernel-zfcpdump: before 5.3.18-150300.59.161.1

kernel-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-debugsource: before 5.3.18-150300.59.161.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional: before 5.3.18-150300.59.161.1

kernel-preempt-devel: before 5.3.18-150300.59.161.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_44-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.161.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-obs-qa: before 5.3.18-150300.59.161.1

kernel-obs-build: before 5.3.18-150300.59.161.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-default: before 5.3.18-150300.59.161.1

dlm-kmp-default: before 5.3.18-150300.59.161.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-livepatch: before 5.3.18-150300.59.161.1

kernel-default-extra: before 5.3.18-150300.59.161.1

kernel-default-optional: before 5.3.18-150300.59.161.1

kernel-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-default: before 5.3.18-150300.59.161.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-debugsource: before 5.3.18-150300.59.161.1

ocfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base-rebuild: before 5.3.18-150300.59.161.1.150300.18.94.1

reiserfs-kmp-default: before 5.3.18-150300.59.161.1

kernel-syms: before 5.3.18-150300.59.161.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.161.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.161.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base: before 5.3.18-150300.59.161.1.150300.18.94.1

kernel-default-devel: before 5.3.18-150300.59.161.1

kernel-debug-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug-devel: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.161.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug: before 5.3.18-150300.59.161.1

kernel-kvmsmall: before 5.3.18-150300.59.161.1

kernel-source: before 5.3.18-150300.59.161.1

kernel-source-vanilla: before 5.3.18-150300.59.161.1

kernel-devel: before 5.3.18-150300.59.161.1

kernel-docs-html: before 5.3.18-150300.59.161.2

kernel-macros: before 5.3.18-150300.59.161.1

kernel-docs: before 5.3.18-150300.59.161.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241642-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Improper locking

EUVDB-ID: #VU92033

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-48631

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the __ext4_ext_check() function in fs/ext4/extents.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.161.1

dtb-marvell: before 5.3.18-150300.59.161.1

dtb-exynos: before 5.3.18-150300.59.161.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-mediatek: before 5.3.18-150300.59.161.1

dtb-apm: before 5.3.18-150300.59.161.1

dtb-broadcom: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-renesas: before 5.3.18-150300.59.161.1

kernel-64kb-devel: before 5.3.18-150300.59.161.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-amlogic: before 5.3.18-150300.59.161.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-64kb-extra: before 5.3.18-150300.59.161.1

dtb-rockchip: before 5.3.18-150300.59.161.1

dtb-sprd: before 5.3.18-150300.59.161.1

dtb-cavium: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-debugsource: before 5.3.18-150300.59.161.1

dtb-allwinner: before 5.3.18-150300.59.161.1

dtb-freescale: before 5.3.18-150300.59.161.1

dtb-zte: before 5.3.18-150300.59.161.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.161.1

dtb-xilinx: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.161.1

dtb-hisilicon: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-al: before 5.3.18-150300.59.161.1

dtb-lg: before 5.3.18-150300.59.161.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-qcom: before 5.3.18-150300.59.161.1

dtb-arm: before 5.3.18-150300.59.161.1

dtb-altera: before 5.3.18-150300.59.161.1

dtb-amd: before 5.3.18-150300.59.161.1

dtb-socionext: before 5.3.18-150300.59.161.1

dtb-nvidia: before 5.3.18-150300.59.161.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dlm-kmp-64kb: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-optional: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-aarch64: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.161.1

kernel-zfcpdump: before 5.3.18-150300.59.161.1

kernel-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-debugsource: before 5.3.18-150300.59.161.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional: before 5.3.18-150300.59.161.1

kernel-preempt-devel: before 5.3.18-150300.59.161.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_44-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.161.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-obs-qa: before 5.3.18-150300.59.161.1

kernel-obs-build: before 5.3.18-150300.59.161.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-default: before 5.3.18-150300.59.161.1

dlm-kmp-default: before 5.3.18-150300.59.161.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-livepatch: before 5.3.18-150300.59.161.1

kernel-default-extra: before 5.3.18-150300.59.161.1

kernel-default-optional: before 5.3.18-150300.59.161.1

kernel-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-default: before 5.3.18-150300.59.161.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-debugsource: before 5.3.18-150300.59.161.1

ocfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base-rebuild: before 5.3.18-150300.59.161.1.150300.18.94.1

reiserfs-kmp-default: before 5.3.18-150300.59.161.1

kernel-syms: before 5.3.18-150300.59.161.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.161.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.161.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base: before 5.3.18-150300.59.161.1.150300.18.94.1

kernel-default-devel: before 5.3.18-150300.59.161.1

kernel-debug-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug-devel: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.161.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug: before 5.3.18-150300.59.161.1

kernel-kvmsmall: before 5.3.18-150300.59.161.1

kernel-source: before 5.3.18-150300.59.161.1

kernel-source-vanilla: before 5.3.18-150300.59.161.1

kernel-devel: before 5.3.18-150300.59.161.1

kernel-docs-html: before 5.3.18-150300.59.161.2

kernel-macros: before 5.3.18-150300.59.161.1

kernel-docs: before 5.3.18-150300.59.161.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241642-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Input validation error

EUVDB-ID: #VU93687

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-48638

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the cgroup_get_from_id() function in kernel/cgroup/cgroup.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.161.1

dtb-marvell: before 5.3.18-150300.59.161.1

dtb-exynos: before 5.3.18-150300.59.161.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-mediatek: before 5.3.18-150300.59.161.1

dtb-apm: before 5.3.18-150300.59.161.1

dtb-broadcom: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-renesas: before 5.3.18-150300.59.161.1

kernel-64kb-devel: before 5.3.18-150300.59.161.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-amlogic: before 5.3.18-150300.59.161.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-64kb-extra: before 5.3.18-150300.59.161.1

dtb-rockchip: before 5.3.18-150300.59.161.1

dtb-sprd: before 5.3.18-150300.59.161.1

dtb-cavium: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-debugsource: before 5.3.18-150300.59.161.1

dtb-allwinner: before 5.3.18-150300.59.161.1

dtb-freescale: before 5.3.18-150300.59.161.1

dtb-zte: before 5.3.18-150300.59.161.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.161.1

dtb-xilinx: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.161.1

dtb-hisilicon: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-al: before 5.3.18-150300.59.161.1

dtb-lg: before 5.3.18-150300.59.161.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-qcom: before 5.3.18-150300.59.161.1

dtb-arm: before 5.3.18-150300.59.161.1

dtb-altera: before 5.3.18-150300.59.161.1

dtb-amd: before 5.3.18-150300.59.161.1

dtb-socionext: before 5.3.18-150300.59.161.1

dtb-nvidia: before 5.3.18-150300.59.161.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dlm-kmp-64kb: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-optional: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-aarch64: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.161.1

kernel-zfcpdump: before 5.3.18-150300.59.161.1

kernel-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-debugsource: before 5.3.18-150300.59.161.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional: before 5.3.18-150300.59.161.1

kernel-preempt-devel: before 5.3.18-150300.59.161.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_44-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.161.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-obs-qa: before 5.3.18-150300.59.161.1

kernel-obs-build: before 5.3.18-150300.59.161.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-default: before 5.3.18-150300.59.161.1

dlm-kmp-default: before 5.3.18-150300.59.161.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-livepatch: before 5.3.18-150300.59.161.1

kernel-default-extra: before 5.3.18-150300.59.161.1

kernel-default-optional: before 5.3.18-150300.59.161.1

kernel-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-default: before 5.3.18-150300.59.161.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-debugsource: before 5.3.18-150300.59.161.1

ocfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base-rebuild: before 5.3.18-150300.59.161.1.150300.18.94.1

reiserfs-kmp-default: before 5.3.18-150300.59.161.1

kernel-syms: before 5.3.18-150300.59.161.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.161.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.161.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base: before 5.3.18-150300.59.161.1.150300.18.94.1

kernel-default-devel: before 5.3.18-150300.59.161.1

kernel-debug-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug-devel: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.161.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug: before 5.3.18-150300.59.161.1

kernel-kvmsmall: before 5.3.18-150300.59.161.1

kernel-source: before 5.3.18-150300.59.161.1

kernel-source-vanilla: before 5.3.18-150300.59.161.1

kernel-devel: before 5.3.18-150300.59.161.1

kernel-docs-html: before 5.3.18-150300.59.161.2

kernel-macros: before 5.3.18-150300.59.161.1

kernel-docs: before 5.3.18-150300.59.161.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241642-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Memory leak

EUVDB-ID: #VU89997

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-48650

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the __qlt_24xx_handle_abts() function in drivers/scsi/qla2xxx/qla_target.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.161.1

dtb-marvell: before 5.3.18-150300.59.161.1

dtb-exynos: before 5.3.18-150300.59.161.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-mediatek: before 5.3.18-150300.59.161.1

dtb-apm: before 5.3.18-150300.59.161.1

dtb-broadcom: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-renesas: before 5.3.18-150300.59.161.1

kernel-64kb-devel: before 5.3.18-150300.59.161.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-amlogic: before 5.3.18-150300.59.161.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-64kb-extra: before 5.3.18-150300.59.161.1

dtb-rockchip: before 5.3.18-150300.59.161.1

dtb-sprd: before 5.3.18-150300.59.161.1

dtb-cavium: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-debugsource: before 5.3.18-150300.59.161.1

dtb-allwinner: before 5.3.18-150300.59.161.1

dtb-freescale: before 5.3.18-150300.59.161.1

dtb-zte: before 5.3.18-150300.59.161.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.161.1

dtb-xilinx: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.161.1

dtb-hisilicon: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-al: before 5.3.18-150300.59.161.1

dtb-lg: before 5.3.18-150300.59.161.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-qcom: before 5.3.18-150300.59.161.1

dtb-arm: before 5.3.18-150300.59.161.1

dtb-altera: before 5.3.18-150300.59.161.1

dtb-amd: before 5.3.18-150300.59.161.1

dtb-socionext: before 5.3.18-150300.59.161.1

dtb-nvidia: before 5.3.18-150300.59.161.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dlm-kmp-64kb: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-optional: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-aarch64: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.161.1

kernel-zfcpdump: before 5.3.18-150300.59.161.1

kernel-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-debugsource: before 5.3.18-150300.59.161.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional: before 5.3.18-150300.59.161.1

kernel-preempt-devel: before 5.3.18-150300.59.161.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_44-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.161.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-obs-qa: before 5.3.18-150300.59.161.1

kernel-obs-build: before 5.3.18-150300.59.161.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-default: before 5.3.18-150300.59.161.1

dlm-kmp-default: before 5.3.18-150300.59.161.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-livepatch: before 5.3.18-150300.59.161.1

kernel-default-extra: before 5.3.18-150300.59.161.1

kernel-default-optional: before 5.3.18-150300.59.161.1

kernel-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-default: before 5.3.18-150300.59.161.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-debugsource: before 5.3.18-150300.59.161.1

ocfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base-rebuild: before 5.3.18-150300.59.161.1.150300.18.94.1

reiserfs-kmp-default: before 5.3.18-150300.59.161.1

kernel-syms: before 5.3.18-150300.59.161.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.161.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.161.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base: before 5.3.18-150300.59.161.1.150300.18.94.1

kernel-default-devel: before 5.3.18-150300.59.161.1

kernel-debug-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug-devel: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.161.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug: before 5.3.18-150300.59.161.1

kernel-kvmsmall: before 5.3.18-150300.59.161.1

kernel-source: before 5.3.18-150300.59.161.1

kernel-source-vanilla: before 5.3.18-150300.59.161.1

kernel-devel: before 5.3.18-150300.59.161.1

kernel-docs-html: before 5.3.18-150300.59.161.2

kernel-macros: before 5.3.18-150300.59.161.1

kernel-docs: before 5.3.18-150300.59.161.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241642-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Out-of-bounds read

EUVDB-ID: #VU89680

Risk: Medium

CVSSv3.1: 4.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-48651

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in drivers/net/ipvlan/ipvlan_core.c. A remote attacker on the local network can send specially crafted packets to the system, trigger an out-of-bounds read error and read contents of memory on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.161.1

dtb-marvell: before 5.3.18-150300.59.161.1

dtb-exynos: before 5.3.18-150300.59.161.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-mediatek: before 5.3.18-150300.59.161.1

dtb-apm: before 5.3.18-150300.59.161.1

dtb-broadcom: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-renesas: before 5.3.18-150300.59.161.1

kernel-64kb-devel: before 5.3.18-150300.59.161.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-amlogic: before 5.3.18-150300.59.161.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-64kb-extra: before 5.3.18-150300.59.161.1

dtb-rockchip: before 5.3.18-150300.59.161.1

dtb-sprd: before 5.3.18-150300.59.161.1

dtb-cavium: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-debugsource: before 5.3.18-150300.59.161.1

dtb-allwinner: before 5.3.18-150300.59.161.1

dtb-freescale: before 5.3.18-150300.59.161.1

dtb-zte: before 5.3.18-150300.59.161.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.161.1

dtb-xilinx: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.161.1

dtb-hisilicon: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-al: before 5.3.18-150300.59.161.1

dtb-lg: before 5.3.18-150300.59.161.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-qcom: before 5.3.18-150300.59.161.1

dtb-arm: before 5.3.18-150300.59.161.1

dtb-altera: before 5.3.18-150300.59.161.1

dtb-amd: before 5.3.18-150300.59.161.1

dtb-socionext: before 5.3.18-150300.59.161.1

dtb-nvidia: before 5.3.18-150300.59.161.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dlm-kmp-64kb: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-optional: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-aarch64: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.161.1

kernel-zfcpdump: before 5.3.18-150300.59.161.1

kernel-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-debugsource: before 5.3.18-150300.59.161.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional: before 5.3.18-150300.59.161.1

kernel-preempt-devel: before 5.3.18-150300.59.161.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_44-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.161.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-obs-qa: before 5.3.18-150300.59.161.1

kernel-obs-build: before 5.3.18-150300.59.161.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-default: before 5.3.18-150300.59.161.1

dlm-kmp-default: before 5.3.18-150300.59.161.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-livepatch: before 5.3.18-150300.59.161.1

kernel-default-extra: before 5.3.18-150300.59.161.1

kernel-default-optional: before 5.3.18-150300.59.161.1

kernel-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-default: before 5.3.18-150300.59.161.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-debugsource: before 5.3.18-150300.59.161.1

ocfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base-rebuild: before 5.3.18-150300.59.161.1.150300.18.94.1

reiserfs-kmp-default: before 5.3.18-150300.59.161.1

kernel-syms: before 5.3.18-150300.59.161.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.161.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.161.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base: before 5.3.18-150300.59.161.1.150300.18.94.1

kernel-default-devel: before 5.3.18-150300.59.161.1

kernel-debug-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug-devel: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.161.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug: before 5.3.18-150300.59.161.1

kernel-kvmsmall: before 5.3.18-150300.59.161.1

kernel-source: before 5.3.18-150300.59.161.1

kernel-source-vanilla: before 5.3.18-150300.59.161.1

kernel-devel: before 5.3.18-150300.59.161.1

kernel-docs-html: before 5.3.18-150300.59.161.2

kernel-macros: before 5.3.18-150300.59.161.1

kernel-docs: before 5.3.18-150300.59.161.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241642-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Memory leak

EUVDB-ID: #VU91645

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-48654

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to memory leak within the nf_osf_find() function in net/netfilter/nfnetlink_osf.c. A local user can gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.161.1

dtb-marvell: before 5.3.18-150300.59.161.1

dtb-exynos: before 5.3.18-150300.59.161.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-mediatek: before 5.3.18-150300.59.161.1

dtb-apm: before 5.3.18-150300.59.161.1

dtb-broadcom: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-renesas: before 5.3.18-150300.59.161.1

kernel-64kb-devel: before 5.3.18-150300.59.161.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-amlogic: before 5.3.18-150300.59.161.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-64kb-extra: before 5.3.18-150300.59.161.1

dtb-rockchip: before 5.3.18-150300.59.161.1

dtb-sprd: before 5.3.18-150300.59.161.1

dtb-cavium: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-debugsource: before 5.3.18-150300.59.161.1

dtb-allwinner: before 5.3.18-150300.59.161.1

dtb-freescale: before 5.3.18-150300.59.161.1

dtb-zte: before 5.3.18-150300.59.161.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.161.1

dtb-xilinx: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.161.1

dtb-hisilicon: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-al: before 5.3.18-150300.59.161.1

dtb-lg: before 5.3.18-150300.59.161.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-qcom: before 5.3.18-150300.59.161.1

dtb-arm: before 5.3.18-150300.59.161.1

dtb-altera: before 5.3.18-150300.59.161.1

dtb-amd: before 5.3.18-150300.59.161.1

dtb-socionext: before 5.3.18-150300.59.161.1

dtb-nvidia: before 5.3.18-150300.59.161.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dlm-kmp-64kb: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-optional: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-aarch64: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.161.1

kernel-zfcpdump: before 5.3.18-150300.59.161.1

kernel-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-debugsource: before 5.3.18-150300.59.161.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional: before 5.3.18-150300.59.161.1

kernel-preempt-devel: before 5.3.18-150300.59.161.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_44-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.161.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-obs-qa: before 5.3.18-150300.59.161.1

kernel-obs-build: before 5.3.18-150300.59.161.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-default: before 5.3.18-150300.59.161.1

dlm-kmp-default: before 5.3.18-150300.59.161.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-livepatch: before 5.3.18-150300.59.161.1

kernel-default-extra: before 5.3.18-150300.59.161.1

kernel-default-optional: before 5.3.18-150300.59.161.1

kernel-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-default: before 5.3.18-150300.59.161.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-debugsource: before 5.3.18-150300.59.161.1

ocfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base-rebuild: before 5.3.18-150300.59.161.1.150300.18.94.1

reiserfs-kmp-default: before 5.3.18-150300.59.161.1

kernel-syms: before 5.3.18-150300.59.161.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.161.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.161.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base: before 5.3.18-150300.59.161.1.150300.18.94.1

kernel-default-devel: before 5.3.18-150300.59.161.1

kernel-debug-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug-devel: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.161.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug: before 5.3.18-150300.59.161.1

kernel-kvmsmall: before 5.3.18-150300.59.161.1

kernel-source: before 5.3.18-150300.59.161.1

kernel-source-vanilla: before 5.3.18-150300.59.161.1

kernel-devel: before 5.3.18-150300.59.161.1

kernel-docs-html: before 5.3.18-150300.59.161.2

kernel-macros: before 5.3.18-150300.59.161.1

kernel-docs: before 5.3.18-150300.59.161.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241642-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Off-by-one

EUVDB-ID: #VU91174

Risk: Low

CVSSv3.1: 6.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-48672

CWE-ID: CWE-193 - Off-by-one Error

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to an off-by-one error within the unflatten_dt_nodes() function in drivers/of/fdt.c. A local user can execute arbitrary code.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.161.1

dtb-marvell: before 5.3.18-150300.59.161.1

dtb-exynos: before 5.3.18-150300.59.161.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-mediatek: before 5.3.18-150300.59.161.1

dtb-apm: before 5.3.18-150300.59.161.1

dtb-broadcom: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-renesas: before 5.3.18-150300.59.161.1

kernel-64kb-devel: before 5.3.18-150300.59.161.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-amlogic: before 5.3.18-150300.59.161.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-64kb-extra: before 5.3.18-150300.59.161.1

dtb-rockchip: before 5.3.18-150300.59.161.1

dtb-sprd: before 5.3.18-150300.59.161.1

dtb-cavium: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-debugsource: before 5.3.18-150300.59.161.1

dtb-allwinner: before 5.3.18-150300.59.161.1

dtb-freescale: before 5.3.18-150300.59.161.1

dtb-zte: before 5.3.18-150300.59.161.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.161.1

dtb-xilinx: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.161.1

dtb-hisilicon: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-al: before 5.3.18-150300.59.161.1

dtb-lg: before 5.3.18-150300.59.161.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-qcom: before 5.3.18-150300.59.161.1

dtb-arm: before 5.3.18-150300.59.161.1

dtb-altera: before 5.3.18-150300.59.161.1

dtb-amd: before 5.3.18-150300.59.161.1

dtb-socionext: before 5.3.18-150300.59.161.1

dtb-nvidia: before 5.3.18-150300.59.161.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dlm-kmp-64kb: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-optional: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-aarch64: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.161.1

kernel-zfcpdump: before 5.3.18-150300.59.161.1

kernel-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-debugsource: before 5.3.18-150300.59.161.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional: before 5.3.18-150300.59.161.1

kernel-preempt-devel: before 5.3.18-150300.59.161.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_44-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.161.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-obs-qa: before 5.3.18-150300.59.161.1

kernel-obs-build: before 5.3.18-150300.59.161.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-default: before 5.3.18-150300.59.161.1

dlm-kmp-default: before 5.3.18-150300.59.161.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-livepatch: before 5.3.18-150300.59.161.1

kernel-default-extra: before 5.3.18-150300.59.161.1

kernel-default-optional: before 5.3.18-150300.59.161.1

kernel-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-default: before 5.3.18-150300.59.161.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-debugsource: before 5.3.18-150300.59.161.1

ocfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base-rebuild: before 5.3.18-150300.59.161.1.150300.18.94.1

reiserfs-kmp-default: before 5.3.18-150300.59.161.1

kernel-syms: before 5.3.18-150300.59.161.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.161.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.161.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base: before 5.3.18-150300.59.161.1.150300.18.94.1

kernel-default-devel: before 5.3.18-150300.59.161.1

kernel-debug-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug-devel: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.161.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug: before 5.3.18-150300.59.161.1

kernel-kvmsmall: before 5.3.18-150300.59.161.1

kernel-source: before 5.3.18-150300.59.161.1

kernel-source-vanilla: before 5.3.18-150300.59.161.1

kernel-devel: before 5.3.18-150300.59.161.1

kernel-docs-html: before 5.3.18-150300.59.161.2

kernel-macros: before 5.3.18-150300.59.161.1

kernel-docs: before 5.3.18-150300.59.161.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241642-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Use-after-free

EUVDB-ID: #VU90175

Risk: Low

CVSSv3.1: 6.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-48686

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the nvme_tcp_io_work() function in drivers/nvme/host/tcp.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.161.1

dtb-marvell: before 5.3.18-150300.59.161.1

dtb-exynos: before 5.3.18-150300.59.161.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-mediatek: before 5.3.18-150300.59.161.1

dtb-apm: before 5.3.18-150300.59.161.1

dtb-broadcom: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-renesas: before 5.3.18-150300.59.161.1

kernel-64kb-devel: before 5.3.18-150300.59.161.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-amlogic: before 5.3.18-150300.59.161.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-64kb-extra: before 5.3.18-150300.59.161.1

dtb-rockchip: before 5.3.18-150300.59.161.1

dtb-sprd: before 5.3.18-150300.59.161.1

dtb-cavium: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-debugsource: before 5.3.18-150300.59.161.1

dtb-allwinner: before 5.3.18-150300.59.161.1

dtb-freescale: before 5.3.18-150300.59.161.1

dtb-zte: before 5.3.18-150300.59.161.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.161.1

dtb-xilinx: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.161.1

dtb-hisilicon: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-al: before 5.3.18-150300.59.161.1

dtb-lg: before 5.3.18-150300.59.161.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-qcom: before 5.3.18-150300.59.161.1

dtb-arm: before 5.3.18-150300.59.161.1

dtb-altera: before 5.3.18-150300.59.161.1

dtb-amd: before 5.3.18-150300.59.161.1

dtb-socionext: before 5.3.18-150300.59.161.1

dtb-nvidia: before 5.3.18-150300.59.161.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dlm-kmp-64kb: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-optional: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-aarch64: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.161.1

kernel-zfcpdump: before 5.3.18-150300.59.161.1

kernel-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-debugsource: before 5.3.18-150300.59.161.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional: before 5.3.18-150300.59.161.1

kernel-preempt-devel: before 5.3.18-150300.59.161.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_44-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.161.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-obs-qa: before 5.3.18-150300.59.161.1

kernel-obs-build: before 5.3.18-150300.59.161.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-default: before 5.3.18-150300.59.161.1

dlm-kmp-default: before 5.3.18-150300.59.161.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-livepatch: before 5.3.18-150300.59.161.1

kernel-default-extra: before 5.3.18-150300.59.161.1

kernel-default-optional: before 5.3.18-150300.59.161.1

kernel-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-default: before 5.3.18-150300.59.161.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-debugsource: before 5.3.18-150300.59.161.1

ocfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base-rebuild: before 5.3.18-150300.59.161.1.150300.18.94.1

reiserfs-kmp-default: before 5.3.18-150300.59.161.1

kernel-syms: before 5.3.18-150300.59.161.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.161.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.161.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base: before 5.3.18-150300.59.161.1.150300.18.94.1

kernel-default-devel: before 5.3.18-150300.59.161.1

kernel-debug-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug-devel: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.161.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug: before 5.3.18-150300.59.161.1

kernel-kvmsmall: before 5.3.18-150300.59.161.1

kernel-source: before 5.3.18-150300.59.161.1

kernel-source-vanilla: before 5.3.18-150300.59.161.1

kernel-devel: before 5.3.18-150300.59.161.1

kernel-docs-html: before 5.3.18-150300.59.161.2

kernel-macros: before 5.3.18-150300.59.161.1

kernel-docs: before 5.3.18-150300.59.161.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241642-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Out-of-bounds read

EUVDB-ID: #VU90314

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-48687

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to an out-of-bounds read error within the seg6_genl_sethmac() function in net/ipv6/seg6.c. A local user can gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.161.1

dtb-marvell: before 5.3.18-150300.59.161.1

dtb-exynos: before 5.3.18-150300.59.161.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-mediatek: before 5.3.18-150300.59.161.1

dtb-apm: before 5.3.18-150300.59.161.1

dtb-broadcom: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-renesas: before 5.3.18-150300.59.161.1

kernel-64kb-devel: before 5.3.18-150300.59.161.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-amlogic: before 5.3.18-150300.59.161.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-64kb-extra: before 5.3.18-150300.59.161.1

dtb-rockchip: before 5.3.18-150300.59.161.1

dtb-sprd: before 5.3.18-150300.59.161.1

dtb-cavium: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-debugsource: before 5.3.18-150300.59.161.1

dtb-allwinner: before 5.3.18-150300.59.161.1

dtb-freescale: before 5.3.18-150300.59.161.1

dtb-zte: before 5.3.18-150300.59.161.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.161.1

dtb-xilinx: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.161.1

dtb-hisilicon: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-al: before 5.3.18-150300.59.161.1

dtb-lg: before 5.3.18-150300.59.161.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-qcom: before 5.3.18-150300.59.161.1

dtb-arm: before 5.3.18-150300.59.161.1

dtb-altera: before 5.3.18-150300.59.161.1

dtb-amd: before 5.3.18-150300.59.161.1

dtb-socionext: before 5.3.18-150300.59.161.1

dtb-nvidia: before 5.3.18-150300.59.161.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dlm-kmp-64kb: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-optional: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-aarch64: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.161.1

kernel-zfcpdump: before 5.3.18-150300.59.161.1

kernel-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-debugsource: before 5.3.18-150300.59.161.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional: before 5.3.18-150300.59.161.1

kernel-preempt-devel: before 5.3.18-150300.59.161.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_44-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.161.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-obs-qa: before 5.3.18-150300.59.161.1

kernel-obs-build: before 5.3.18-150300.59.161.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-default: before 5.3.18-150300.59.161.1

dlm-kmp-default: before 5.3.18-150300.59.161.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-livepatch: before 5.3.18-150300.59.161.1

kernel-default-extra: before 5.3.18-150300.59.161.1

kernel-default-optional: before 5.3.18-150300.59.161.1

kernel-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-default: before 5.3.18-150300.59.161.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-debugsource: before 5.3.18-150300.59.161.1

ocfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base-rebuild: before 5.3.18-150300.59.161.1.150300.18.94.1

reiserfs-kmp-default: before 5.3.18-150300.59.161.1

kernel-syms: before 5.3.18-150300.59.161.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.161.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.161.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base: before 5.3.18-150300.59.161.1.150300.18.94.1

kernel-default-devel: before 5.3.18-150300.59.161.1

kernel-debug-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug-devel: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.161.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug: before 5.3.18-150300.59.161.1

kernel-kvmsmall: before 5.3.18-150300.59.161.1

kernel-source: before 5.3.18-150300.59.161.1

kernel-source-vanilla: before 5.3.18-150300.59.161.1

kernel-devel: before 5.3.18-150300.59.161.1

kernel-docs-html: before 5.3.18-150300.59.161.2

kernel-macros: before 5.3.18-150300.59.161.1

kernel-docs: before 5.3.18-150300.59.161.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241642-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) Information disclosure

EUVDB-ID: #VU91352

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-48693

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to information disclosure within the brcmstb_pm_probe() function in drivers/soc/bcm/brcmstb/pm/pm-arm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.161.1

dtb-marvell: before 5.3.18-150300.59.161.1

dtb-exynos: before 5.3.18-150300.59.161.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-mediatek: before 5.3.18-150300.59.161.1

dtb-apm: before 5.3.18-150300.59.161.1

dtb-broadcom: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-renesas: before 5.3.18-150300.59.161.1

kernel-64kb-devel: before 5.3.18-150300.59.161.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-amlogic: before 5.3.18-150300.59.161.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-64kb-extra: before 5.3.18-150300.59.161.1

dtb-rockchip: before 5.3.18-150300.59.161.1

dtb-sprd: before 5.3.18-150300.59.161.1

dtb-cavium: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-debugsource: before 5.3.18-150300.59.161.1

dtb-allwinner: before 5.3.18-150300.59.161.1

dtb-freescale: before 5.3.18-150300.59.161.1

dtb-zte: before 5.3.18-150300.59.161.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.161.1

dtb-xilinx: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.161.1

dtb-hisilicon: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-al: before 5.3.18-150300.59.161.1

dtb-lg: before 5.3.18-150300.59.161.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-qcom: before 5.3.18-150300.59.161.1

dtb-arm: before 5.3.18-150300.59.161.1

dtb-altera: before 5.3.18-150300.59.161.1

dtb-amd: before 5.3.18-150300.59.161.1

dtb-socionext: before 5.3.18-150300.59.161.1

dtb-nvidia: before 5.3.18-150300.59.161.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dlm-kmp-64kb: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-optional: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-aarch64: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.161.1

kernel-zfcpdump: before 5.3.18-150300.59.161.1

kernel-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-debugsource: before 5.3.18-150300.59.161.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional: before 5.3.18-150300.59.161.1

kernel-preempt-devel: before 5.3.18-150300.59.161.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_44-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.161.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-obs-qa: before 5.3.18-150300.59.161.1

kernel-obs-build: before 5.3.18-150300.59.161.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-default: before 5.3.18-150300.59.161.1

dlm-kmp-default: before 5.3.18-150300.59.161.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-livepatch: before 5.3.18-150300.59.161.1

kernel-default-extra: before 5.3.18-150300.59.161.1

kernel-default-optional: before 5.3.18-150300.59.161.1

kernel-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-default: before 5.3.18-150300.59.161.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-debugsource: before 5.3.18-150300.59.161.1

ocfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base-rebuild: before 5.3.18-150300.59.161.1.150300.18.94.1

reiserfs-kmp-default: before 5.3.18-150300.59.161.1

kernel-syms: before 5.3.18-150300.59.161.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.161.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.161.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base: before 5.3.18-150300.59.161.1.150300.18.94.1

kernel-default-devel: before 5.3.18-150300.59.161.1

kernel-debug-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug-devel: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.161.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug: before 5.3.18-150300.59.161.1

kernel-kvmsmall: before 5.3.18-150300.59.161.1

kernel-source: before 5.3.18-150300.59.161.1

kernel-source-vanilla: before 5.3.18-150300.59.161.1

kernel-devel: before 5.3.18-150300.59.161.1

kernel-docs-html: before 5.3.18-150300.59.161.2

kernel-macros: before 5.3.18-150300.59.161.1

kernel-docs: before 5.3.18-150300.59.161.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241642-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) Use-after-free

EUVDB-ID: #VU90171

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-48695

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the dequeue_next_fw_event() and _scsih_fw_event_cleanup_queue() functions in drivers/scsi/mpt3sas/mpt3sas_scsih.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.161.1

dtb-marvell: before 5.3.18-150300.59.161.1

dtb-exynos: before 5.3.18-150300.59.161.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-mediatek: before 5.3.18-150300.59.161.1

dtb-apm: before 5.3.18-150300.59.161.1

dtb-broadcom: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-renesas: before 5.3.18-150300.59.161.1

kernel-64kb-devel: before 5.3.18-150300.59.161.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-amlogic: before 5.3.18-150300.59.161.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-64kb-extra: before 5.3.18-150300.59.161.1

dtb-rockchip: before 5.3.18-150300.59.161.1

dtb-sprd: before 5.3.18-150300.59.161.1

dtb-cavium: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-debugsource: before 5.3.18-150300.59.161.1

dtb-allwinner: before 5.3.18-150300.59.161.1

dtb-freescale: before 5.3.18-150300.59.161.1

dtb-zte: before 5.3.18-150300.59.161.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.161.1

dtb-xilinx: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.161.1

dtb-hisilicon: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-al: before 5.3.18-150300.59.161.1

dtb-lg: before 5.3.18-150300.59.161.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-qcom: before 5.3.18-150300.59.161.1

dtb-arm: before 5.3.18-150300.59.161.1

dtb-altera: before 5.3.18-150300.59.161.1

dtb-amd: before 5.3.18-150300.59.161.1

dtb-socionext: before 5.3.18-150300.59.161.1

dtb-nvidia: before 5.3.18-150300.59.161.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dlm-kmp-64kb: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-optional: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-aarch64: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.161.1

kernel-zfcpdump: before 5.3.18-150300.59.161.1

kernel-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-debugsource: before 5.3.18-150300.59.161.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional: before 5.3.18-150300.59.161.1

kernel-preempt-devel: before 5.3.18-150300.59.161.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_44-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.161.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-obs-qa: before 5.3.18-150300.59.161.1

kernel-obs-build: before 5.3.18-150300.59.161.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-default: before 5.3.18-150300.59.161.1

dlm-kmp-default: before 5.3.18-150300.59.161.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-livepatch: before 5.3.18-150300.59.161.1

kernel-default-extra: before 5.3.18-150300.59.161.1

kernel-default-optional: before 5.3.18-150300.59.161.1

kernel-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-default: before 5.3.18-150300.59.161.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-debugsource: before 5.3.18-150300.59.161.1

ocfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base-rebuild: before 5.3.18-150300.59.161.1.150300.18.94.1

reiserfs-kmp-default: before 5.3.18-150300.59.161.1

kernel-syms: before 5.3.18-150300.59.161.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.161.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.161.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base: before 5.3.18-150300.59.161.1.150300.18.94.1

kernel-default-devel: before 5.3.18-150300.59.161.1

kernel-debug-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug-devel: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.161.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug: before 5.3.18-150300.59.161.1

kernel-kvmsmall: before 5.3.18-150300.59.161.1

kernel-source: before 5.3.18-150300.59.161.1

kernel-source-vanilla: before 5.3.18-150300.59.161.1

kernel-devel: before 5.3.18-150300.59.161.1

kernel-docs-html: before 5.3.18-150300.59.161.2

kernel-macros: before 5.3.18-150300.59.161.1

kernel-docs: before 5.3.18-150300.59.161.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241642-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) Out-of-bounds read

EUVDB-ID: #VU90313

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-48701

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the snd_usb_parse_audio_interface() function in sound/usb/stream.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.161.1

dtb-marvell: before 5.3.18-150300.59.161.1

dtb-exynos: before 5.3.18-150300.59.161.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-mediatek: before 5.3.18-150300.59.161.1

dtb-apm: before 5.3.18-150300.59.161.1

dtb-broadcom: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-renesas: before 5.3.18-150300.59.161.1

kernel-64kb-devel: before 5.3.18-150300.59.161.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-amlogic: before 5.3.18-150300.59.161.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-64kb-extra: before 5.3.18-150300.59.161.1

dtb-rockchip: before 5.3.18-150300.59.161.1

dtb-sprd: before 5.3.18-150300.59.161.1

dtb-cavium: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-debugsource: before 5.3.18-150300.59.161.1

dtb-allwinner: before 5.3.18-150300.59.161.1

dtb-freescale: before 5.3.18-150300.59.161.1

dtb-zte: before 5.3.18-150300.59.161.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.161.1

dtb-xilinx: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.161.1

dtb-hisilicon: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-al: before 5.3.18-150300.59.161.1

dtb-lg: before 5.3.18-150300.59.161.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-qcom: before 5.3.18-150300.59.161.1

dtb-arm: before 5.3.18-150300.59.161.1

dtb-altera: before 5.3.18-150300.59.161.1

dtb-amd: before 5.3.18-150300.59.161.1

dtb-socionext: before 5.3.18-150300.59.161.1

dtb-nvidia: before 5.3.18-150300.59.161.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dlm-kmp-64kb: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-optional: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-aarch64: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.161.1

kernel-zfcpdump: before 5.3.18-150300.59.161.1

kernel-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-debugsource: before 5.3.18-150300.59.161.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional: before 5.3.18-150300.59.161.1

kernel-preempt-devel: before 5.3.18-150300.59.161.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_44-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.161.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-obs-qa: before 5.3.18-150300.59.161.1

kernel-obs-build: before 5.3.18-150300.59.161.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-default: before 5.3.18-150300.59.161.1

dlm-kmp-default: before 5.3.18-150300.59.161.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-livepatch: before 5.3.18-150300.59.161.1

kernel-default-extra: before 5.3.18-150300.59.161.1

kernel-default-optional: before 5.3.18-150300.59.161.1

kernel-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-default: before 5.3.18-150300.59.161.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-debugsource: before 5.3.18-150300.59.161.1

ocfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base-rebuild: before 5.3.18-150300.59.161.1.150300.18.94.1

reiserfs-kmp-default: before 5.3.18-150300.59.161.1

kernel-syms: before 5.3.18-150300.59.161.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.161.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.161.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base: before 5.3.18-150300.59.161.1.150300.18.94.1

kernel-default-devel: before 5.3.18-150300.59.161.1

kernel-debug-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug-devel: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.161.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug: before 5.3.18-150300.59.161.1

kernel-kvmsmall: before 5.3.18-150300.59.161.1

kernel-source: before 5.3.18-150300.59.161.1

kernel-source-vanilla: before 5.3.18-150300.59.161.1

kernel-devel: before 5.3.18-150300.59.161.1

kernel-docs-html: before 5.3.18-150300.59.161.2

kernel-macros: before 5.3.18-150300.59.161.1

kernel-docs: before 5.3.18-150300.59.161.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241642-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

28) Out-of-bounds read

EUVDB-ID: #VU90312

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-48702

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the snd_emu10k1_pcm_channel_alloc() function in sound/pci/emu10k1/emupcm.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.161.1

dtb-marvell: before 5.3.18-150300.59.161.1

dtb-exynos: before 5.3.18-150300.59.161.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-mediatek: before 5.3.18-150300.59.161.1

dtb-apm: before 5.3.18-150300.59.161.1

dtb-broadcom: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-renesas: before 5.3.18-150300.59.161.1

kernel-64kb-devel: before 5.3.18-150300.59.161.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-amlogic: before 5.3.18-150300.59.161.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-64kb-extra: before 5.3.18-150300.59.161.1

dtb-rockchip: before 5.3.18-150300.59.161.1

dtb-sprd: before 5.3.18-150300.59.161.1

dtb-cavium: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-debugsource: before 5.3.18-150300.59.161.1

dtb-allwinner: before 5.3.18-150300.59.161.1

dtb-freescale: before 5.3.18-150300.59.161.1

dtb-zte: before 5.3.18-150300.59.161.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.161.1

dtb-xilinx: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.161.1

dtb-hisilicon: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-al: before 5.3.18-150300.59.161.1

dtb-lg: before 5.3.18-150300.59.161.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-qcom: before 5.3.18-150300.59.161.1

dtb-arm: before 5.3.18-150300.59.161.1

dtb-altera: before 5.3.18-150300.59.161.1

dtb-amd: before 5.3.18-150300.59.161.1

dtb-socionext: before 5.3.18-150300.59.161.1

dtb-nvidia: before 5.3.18-150300.59.161.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dlm-kmp-64kb: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-optional: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-aarch64: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.161.1

kernel-zfcpdump: before 5.3.18-150300.59.161.1

kernel-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-debugsource: before 5.3.18-150300.59.161.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional: before 5.3.18-150300.59.161.1

kernel-preempt-devel: before 5.3.18-150300.59.161.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_44-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.161.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-obs-qa: before 5.3.18-150300.59.161.1

kernel-obs-build: before 5.3.18-150300.59.161.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-default: before 5.3.18-150300.59.161.1

dlm-kmp-default: before 5.3.18-150300.59.161.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-livepatch: before 5.3.18-150300.59.161.1

kernel-default-extra: before 5.3.18-150300.59.161.1

kernel-default-optional: before 5.3.18-150300.59.161.1

kernel-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-default: before 5.3.18-150300.59.161.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-debugsource: before 5.3.18-150300.59.161.1

ocfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base-rebuild: before 5.3.18-150300.59.161.1.150300.18.94.1

reiserfs-kmp-default: before 5.3.18-150300.59.161.1

kernel-syms: before 5.3.18-150300.59.161.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.161.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.161.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base: before 5.3.18-150300.59.161.1.150300.18.94.1

kernel-default-devel: before 5.3.18-150300.59.161.1

kernel-debug-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug-devel: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.161.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug: before 5.3.18-150300.59.161.1

kernel-kvmsmall: before 5.3.18-150300.59.161.1

kernel-source: before 5.3.18-150300.59.161.1

kernel-source-vanilla: before 5.3.18-150300.59.161.1

kernel-devel: before 5.3.18-150300.59.161.1

kernel-docs-html: before 5.3.18-150300.59.161.2

kernel-macros: before 5.3.18-150300.59.161.1

kernel-docs: before 5.3.18-150300.59.161.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241642-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

29) Out-of-bounds read

EUVDB-ID: #VU78675

Risk: Low

CVSSv3.1: 2 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-2860

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the SR-IPv6 implementation when processing seg6 attributes. A local user can trigger an out-of-bounds read error and read contents of memory on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.161.1

dtb-marvell: before 5.3.18-150300.59.161.1

dtb-exynos: before 5.3.18-150300.59.161.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-mediatek: before 5.3.18-150300.59.161.1

dtb-apm: before 5.3.18-150300.59.161.1

dtb-broadcom: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-renesas: before 5.3.18-150300.59.161.1

kernel-64kb-devel: before 5.3.18-150300.59.161.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-amlogic: before 5.3.18-150300.59.161.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-64kb-extra: before 5.3.18-150300.59.161.1

dtb-rockchip: before 5.3.18-150300.59.161.1

dtb-sprd: before 5.3.18-150300.59.161.1

dtb-cavium: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-debugsource: before 5.3.18-150300.59.161.1

dtb-allwinner: before 5.3.18-150300.59.161.1

dtb-freescale: before 5.3.18-150300.59.161.1

dtb-zte: before 5.3.18-150300.59.161.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.161.1

dtb-xilinx: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.161.1

dtb-hisilicon: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-al: before 5.3.18-150300.59.161.1

dtb-lg: before 5.3.18-150300.59.161.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-qcom: before 5.3.18-150300.59.161.1

dtb-arm: before 5.3.18-150300.59.161.1

dtb-altera: before 5.3.18-150300.59.161.1

dtb-amd: before 5.3.18-150300.59.161.1

dtb-socionext: before 5.3.18-150300.59.161.1

dtb-nvidia: before 5.3.18-150300.59.161.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dlm-kmp-64kb: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-optional: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-aarch64: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.161.1

kernel-zfcpdump: before 5.3.18-150300.59.161.1

kernel-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-debugsource: before 5.3.18-150300.59.161.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional: before 5.3.18-150300.59.161.1

kernel-preempt-devel: before 5.3.18-150300.59.161.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_44-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.161.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-obs-qa: before 5.3.18-150300.59.161.1

kernel-obs-build: before 5.3.18-150300.59.161.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-default: before 5.3.18-150300.59.161.1

dlm-kmp-default: before 5.3.18-150300.59.161.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-livepatch: before 5.3.18-150300.59.161.1

kernel-default-extra: before 5.3.18-150300.59.161.1

kernel-default-optional: before 5.3.18-150300.59.161.1

kernel-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-default: before 5.3.18-150300.59.161.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-debugsource: before 5.3.18-150300.59.161.1

ocfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base-rebuild: before 5.3.18-150300.59.161.1.150300.18.94.1

reiserfs-kmp-default: before 5.3.18-150300.59.161.1

kernel-syms: before 5.3.18-150300.59.161.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.161.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.161.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base: before 5.3.18-150300.59.161.1.150300.18.94.1

kernel-default-devel: before 5.3.18-150300.59.161.1

kernel-debug-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug-devel: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.161.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug: before 5.3.18-150300.59.161.1

kernel-kvmsmall: before 5.3.18-150300.59.161.1

kernel-source: before 5.3.18-150300.59.161.1

kernel-source-vanilla: before 5.3.18-150300.59.161.1

kernel-devel: before 5.3.18-150300.59.161.1

kernel-docs-html: before 5.3.18-150300.59.161.2

kernel-macros: before 5.3.18-150300.59.161.1

kernel-docs: before 5.3.18-150300.59.161.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241642-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

30) Use-after-free

EUVDB-ID: #VU91599

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-6270

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the aoecmd_cfg_pkts() function in the ATA over Ethernet (AoE) driver. A local user can trigger a use-after-free error and escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.161.1

dtb-marvell: before 5.3.18-150300.59.161.1

dtb-exynos: before 5.3.18-150300.59.161.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-mediatek: before 5.3.18-150300.59.161.1

dtb-apm: before 5.3.18-150300.59.161.1

dtb-broadcom: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-renesas: before 5.3.18-150300.59.161.1

kernel-64kb-devel: before 5.3.18-150300.59.161.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-amlogic: before 5.3.18-150300.59.161.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-64kb-extra: before 5.3.18-150300.59.161.1

dtb-rockchip: before 5.3.18-150300.59.161.1

dtb-sprd: before 5.3.18-150300.59.161.1

dtb-cavium: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-debugsource: before 5.3.18-150300.59.161.1

dtb-allwinner: before 5.3.18-150300.59.161.1

dtb-freescale: before 5.3.18-150300.59.161.1

dtb-zte: before 5.3.18-150300.59.161.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.161.1

dtb-xilinx: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.161.1

dtb-hisilicon: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-al: before 5.3.18-150300.59.161.1

dtb-lg: before 5.3.18-150300.59.161.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-qcom: before 5.3.18-150300.59.161.1

dtb-arm: before 5.3.18-150300.59.161.1

dtb-altera: before 5.3.18-150300.59.161.1

dtb-amd: before 5.3.18-150300.59.161.1

dtb-socionext: before 5.3.18-150300.59.161.1

dtb-nvidia: before 5.3.18-150300.59.161.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dlm-kmp-64kb: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-optional: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-aarch64: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.161.1

kernel-zfcpdump: before 5.3.18-150300.59.161.1

kernel-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-debugsource: before 5.3.18-150300.59.161.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional: before 5.3.18-150300.59.161.1

kernel-preempt-devel: before 5.3.18-150300.59.161.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_44-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.161.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-obs-qa: before 5.3.18-150300.59.161.1

kernel-obs-build: before 5.3.18-150300.59.161.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-default: before 5.3.18-150300.59.161.1

dlm-kmp-default: before 5.3.18-150300.59.161.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-livepatch: before 5.3.18-150300.59.161.1

kernel-default-extra: before 5.3.18-150300.59.161.1

kernel-default-optional: before 5.3.18-150300.59.161.1

kernel-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-default: before 5.3.18-150300.59.161.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-debugsource: before 5.3.18-150300.59.161.1

ocfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base-rebuild: before 5.3.18-150300.59.161.1.150300.18.94.1

reiserfs-kmp-default: before 5.3.18-150300.59.161.1

kernel-syms: before 5.3.18-150300.59.161.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.161.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.161.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base: before 5.3.18-150300.59.161.1.150300.18.94.1

kernel-default-devel: before 5.3.18-150300.59.161.1

kernel-debug-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug-devel: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.161.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug: before 5.3.18-150300.59.161.1

kernel-kvmsmall: before 5.3.18-150300.59.161.1

kernel-source: before 5.3.18-150300.59.161.1

kernel-source-vanilla: before 5.3.18-150300.59.161.1

kernel-devel: before 5.3.18-150300.59.161.1

kernel-docs-html: before 5.3.18-150300.59.161.2

kernel-macros: before 5.3.18-150300.59.161.1

kernel-docs: before 5.3.18-150300.59.161.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241642-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

31) Improper locking

EUVDB-ID: #VU88894

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-0639

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service attack.

The vulnerability exists due to improper locking within the sctp_auto_asconf_init() function in net/sctp/socket.c. A local user can crash the kernel.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.161.1

dtb-marvell: before 5.3.18-150300.59.161.1

dtb-exynos: before 5.3.18-150300.59.161.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-mediatek: before 5.3.18-150300.59.161.1

dtb-apm: before 5.3.18-150300.59.161.1

dtb-broadcom: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-renesas: before 5.3.18-150300.59.161.1

kernel-64kb-devel: before 5.3.18-150300.59.161.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-amlogic: before 5.3.18-150300.59.161.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-64kb-extra: before 5.3.18-150300.59.161.1

dtb-rockchip: before 5.3.18-150300.59.161.1

dtb-sprd: before 5.3.18-150300.59.161.1

dtb-cavium: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-debugsource: before 5.3.18-150300.59.161.1

dtb-allwinner: before 5.3.18-150300.59.161.1

dtb-freescale: before 5.3.18-150300.59.161.1

dtb-zte: before 5.3.18-150300.59.161.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.161.1

dtb-xilinx: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.161.1

dtb-hisilicon: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-al: before 5.3.18-150300.59.161.1

dtb-lg: before 5.3.18-150300.59.161.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-qcom: before 5.3.18-150300.59.161.1

dtb-arm: before 5.3.18-150300.59.161.1

dtb-altera: before 5.3.18-150300.59.161.1

dtb-amd: before 5.3.18-150300.59.161.1

dtb-socionext: before 5.3.18-150300.59.161.1

dtb-nvidia: before 5.3.18-150300.59.161.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dlm-kmp-64kb: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-optional: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-aarch64: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.161.1

kernel-zfcpdump: before 5.3.18-150300.59.161.1

kernel-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-debugsource: before 5.3.18-150300.59.161.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional: before 5.3.18-150300.59.161.1

kernel-preempt-devel: before 5.3.18-150300.59.161.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_44-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.161.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-obs-qa: before 5.3.18-150300.59.161.1

kernel-obs-build: before 5.3.18-150300.59.161.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-default: before 5.3.18-150300.59.161.1

dlm-kmp-default: before 5.3.18-150300.59.161.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-livepatch: before 5.3.18-150300.59.161.1

kernel-default-extra: before 5.3.18-150300.59.161.1

kernel-default-optional: before 5.3.18-150300.59.161.1

kernel-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-default: before 5.3.18-150300.59.161.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-debugsource: before 5.3.18-150300.59.161.1

ocfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base-rebuild: before 5.3.18-150300.59.161.1.150300.18.94.1

reiserfs-kmp-default: before 5.3.18-150300.59.161.1

kernel-syms: before 5.3.18-150300.59.161.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.161.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.161.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base: before 5.3.18-150300.59.161.1.150300.18.94.1

kernel-default-devel: before 5.3.18-150300.59.161.1

kernel-debug-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug-devel: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.161.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug: before 5.3.18-150300.59.161.1

kernel-kvmsmall: before 5.3.18-150300.59.161.1

kernel-source: before 5.3.18-150300.59.161.1

kernel-source-vanilla: before 5.3.18-150300.59.161.1

kernel-devel: before 5.3.18-150300.59.161.1

kernel-docs-html: before 5.3.18-150300.59.161.2

kernel-macros: before 5.3.18-150300.59.161.1

kernel-docs: before 5.3.18-150300.59.161.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241642-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

32) NULL pointer dereference

EUVDB-ID: #VU89389

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-0841

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the hugetlbfs_fill_super() function in the Linux kernel hugetlbfs (HugeTLB pages) functionality. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.161.1

dtb-marvell: before 5.3.18-150300.59.161.1

dtb-exynos: before 5.3.18-150300.59.161.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-mediatek: before 5.3.18-150300.59.161.1

dtb-apm: before 5.3.18-150300.59.161.1

dtb-broadcom: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-renesas: before 5.3.18-150300.59.161.1

kernel-64kb-devel: before 5.3.18-150300.59.161.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-amlogic: before 5.3.18-150300.59.161.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-64kb-extra: before 5.3.18-150300.59.161.1

dtb-rockchip: before 5.3.18-150300.59.161.1

dtb-sprd: before 5.3.18-150300.59.161.1

dtb-cavium: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-debugsource: before 5.3.18-150300.59.161.1

dtb-allwinner: before 5.3.18-150300.59.161.1

dtb-freescale: before 5.3.18-150300.59.161.1

dtb-zte: before 5.3.18-150300.59.161.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.161.1

dtb-xilinx: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.161.1

dtb-hisilicon: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-al: before 5.3.18-150300.59.161.1

dtb-lg: before 5.3.18-150300.59.161.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-qcom: before 5.3.18-150300.59.161.1

dtb-arm: before 5.3.18-150300.59.161.1

dtb-altera: before 5.3.18-150300.59.161.1

dtb-amd: before 5.3.18-150300.59.161.1

dtb-socionext: before 5.3.18-150300.59.161.1

dtb-nvidia: before 5.3.18-150300.59.161.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dlm-kmp-64kb: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-optional: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-aarch64: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.161.1

kernel-zfcpdump: before 5.3.18-150300.59.161.1

kernel-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-debugsource: before 5.3.18-150300.59.161.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional: before 5.3.18-150300.59.161.1

kernel-preempt-devel: before 5.3.18-150300.59.161.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_44-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.161.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-obs-qa: before 5.3.18-150300.59.161.1

kernel-obs-build: before 5.3.18-150300.59.161.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-default: before 5.3.18-150300.59.161.1

dlm-kmp-default: before 5.3.18-150300.59.161.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-livepatch: before 5.3.18-150300.59.161.1

kernel-default-extra: before 5.3.18-150300.59.161.1

kernel-default-optional: before 5.3.18-150300.59.161.1

kernel-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-default: before 5.3.18-150300.59.161.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-debugsource: before 5.3.18-150300.59.161.1

ocfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base-rebuild: before 5.3.18-150300.59.161.1.150300.18.94.1

reiserfs-kmp-default: before 5.3.18-150300.59.161.1

kernel-syms: before 5.3.18-150300.59.161.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.161.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.161.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base: before 5.3.18-150300.59.161.1.150300.18.94.1

kernel-default-devel: before 5.3.18-150300.59.161.1

kernel-debug-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug-devel: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.161.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug: before 5.3.18-150300.59.161.1

kernel-kvmsmall: before 5.3.18-150300.59.161.1

kernel-source: before 5.3.18-150300.59.161.1

kernel-source-vanilla: before 5.3.18-150300.59.161.1

kernel-devel: before 5.3.18-150300.59.161.1

kernel-docs-html: before 5.3.18-150300.59.161.2

kernel-macros: before 5.3.18-150300.59.161.1

kernel-docs: before 5.3.18-150300.59.161.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241642-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

33) NULL pointer dereference

EUVDB-ID: #VU87192

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-22099

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the rfcomm_check_security() function in /net/bluetooth/rfcomm/core.c. A local user can pass specially crafted data to the application and perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.161.1

dtb-marvell: before 5.3.18-150300.59.161.1

dtb-exynos: before 5.3.18-150300.59.161.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-mediatek: before 5.3.18-150300.59.161.1

dtb-apm: before 5.3.18-150300.59.161.1

dtb-broadcom: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-renesas: before 5.3.18-150300.59.161.1

kernel-64kb-devel: before 5.3.18-150300.59.161.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-amlogic: before 5.3.18-150300.59.161.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-64kb-extra: before 5.3.18-150300.59.161.1

dtb-rockchip: before 5.3.18-150300.59.161.1

dtb-sprd: before 5.3.18-150300.59.161.1

dtb-cavium: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-debugsource: before 5.3.18-150300.59.161.1

dtb-allwinner: before 5.3.18-150300.59.161.1

dtb-freescale: before 5.3.18-150300.59.161.1

dtb-zte: before 5.3.18-150300.59.161.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.161.1

dtb-xilinx: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.161.1

dtb-hisilicon: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-al: before 5.3.18-150300.59.161.1

dtb-lg: before 5.3.18-150300.59.161.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-qcom: before 5.3.18-150300.59.161.1

dtb-arm: before 5.3.18-150300.59.161.1

dtb-altera: before 5.3.18-150300.59.161.1

dtb-amd: before 5.3.18-150300.59.161.1

dtb-socionext: before 5.3.18-150300.59.161.1

dtb-nvidia: before 5.3.18-150300.59.161.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dlm-kmp-64kb: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-optional: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-aarch64: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.161.1

kernel-zfcpdump: before 5.3.18-150300.59.161.1

kernel-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-debugsource: before 5.3.18-150300.59.161.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional: before 5.3.18-150300.59.161.1

kernel-preempt-devel: before 5.3.18-150300.59.161.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_44-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.161.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-obs-qa: before 5.3.18-150300.59.161.1

kernel-obs-build: before 5.3.18-150300.59.161.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-default: before 5.3.18-150300.59.161.1

dlm-kmp-default: before 5.3.18-150300.59.161.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-livepatch: before 5.3.18-150300.59.161.1

kernel-default-extra: before 5.3.18-150300.59.161.1

kernel-default-optional: before 5.3.18-150300.59.161.1

kernel-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-default: before 5.3.18-150300.59.161.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-debugsource: before 5.3.18-150300.59.161.1

ocfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base-rebuild: before 5.3.18-150300.59.161.1.150300.18.94.1

reiserfs-kmp-default: before 5.3.18-150300.59.161.1

kernel-syms: before 5.3.18-150300.59.161.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.161.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.161.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base: before 5.3.18-150300.59.161.1.150300.18.94.1

kernel-default-devel: before 5.3.18-150300.59.161.1

kernel-debug-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug-devel: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.161.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug: before 5.3.18-150300.59.161.1

kernel-kvmsmall: before 5.3.18-150300.59.161.1

kernel-source: before 5.3.18-150300.59.161.1

kernel-source-vanilla: before 5.3.18-150300.59.161.1

kernel-devel: before 5.3.18-150300.59.161.1

kernel-docs-html: before 5.3.18-150300.59.161.2

kernel-macros: before 5.3.18-150300.59.161.1

kernel-docs: before 5.3.18-150300.59.161.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241642-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

34) Integer overflow

EUVDB-ID: #VU88102

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-23307

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to integer overflow in raid5_cache_count() function. A local user can trigger an integer overflow and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.161.1

dtb-marvell: before 5.3.18-150300.59.161.1

dtb-exynos: before 5.3.18-150300.59.161.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-mediatek: before 5.3.18-150300.59.161.1

dtb-apm: before 5.3.18-150300.59.161.1

dtb-broadcom: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-renesas: before 5.3.18-150300.59.161.1

kernel-64kb-devel: before 5.3.18-150300.59.161.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-amlogic: before 5.3.18-150300.59.161.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-64kb-extra: before 5.3.18-150300.59.161.1

dtb-rockchip: before 5.3.18-150300.59.161.1

dtb-sprd: before 5.3.18-150300.59.161.1

dtb-cavium: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-debugsource: before 5.3.18-150300.59.161.1

dtb-allwinner: before 5.3.18-150300.59.161.1

dtb-freescale: before 5.3.18-150300.59.161.1

dtb-zte: before 5.3.18-150300.59.161.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.161.1

dtb-xilinx: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.161.1

dtb-hisilicon: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-al: before 5.3.18-150300.59.161.1

dtb-lg: before 5.3.18-150300.59.161.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-qcom: before 5.3.18-150300.59.161.1

dtb-arm: before 5.3.18-150300.59.161.1

dtb-altera: before 5.3.18-150300.59.161.1

dtb-amd: before 5.3.18-150300.59.161.1

dtb-socionext: before 5.3.18-150300.59.161.1

dtb-nvidia: before 5.3.18-150300.59.161.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dlm-kmp-64kb: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-optional: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-aarch64: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.161.1

kernel-zfcpdump: before 5.3.18-150300.59.161.1

kernel-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-debugsource: before 5.3.18-150300.59.161.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional: before 5.3.18-150300.59.161.1

kernel-preempt-devel: before 5.3.18-150300.59.161.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_44-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.161.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-obs-qa: before 5.3.18-150300.59.161.1

kernel-obs-build: before 5.3.18-150300.59.161.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-default: before 5.3.18-150300.59.161.1

dlm-kmp-default: before 5.3.18-150300.59.161.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-livepatch: before 5.3.18-150300.59.161.1

kernel-default-extra: before 5.3.18-150300.59.161.1

kernel-default-optional: before 5.3.18-150300.59.161.1

kernel-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-default: before 5.3.18-150300.59.161.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-debugsource: before 5.3.18-150300.59.161.1

ocfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base-rebuild: before 5.3.18-150300.59.161.1.150300.18.94.1

reiserfs-kmp-default: before 5.3.18-150300.59.161.1

kernel-syms: before 5.3.18-150300.59.161.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.161.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.161.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base: before 5.3.18-150300.59.161.1.150300.18.94.1

kernel-default-devel: before 5.3.18-150300.59.161.1

kernel-debug-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug-devel: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.161.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug: before 5.3.18-150300.59.161.1

kernel-kvmsmall: before 5.3.18-150300.59.161.1

kernel-source: before 5.3.18-150300.59.161.1

kernel-source-vanilla: before 5.3.18-150300.59.161.1

kernel-devel: before 5.3.18-150300.59.161.1

kernel-docs-html: before 5.3.18-150300.59.161.2

kernel-macros: before 5.3.18-150300.59.161.1

kernel-docs: before 5.3.18-150300.59.161.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241642-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

35) Buffer overflow

EUVDB-ID: #VU89679

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26610

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the iwl_dbg_tlv_override_trig_node() function in drivers/net/wireless/intel/iwlwifi/iwl-dbg-tlv.c. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.161.1

dtb-marvell: before 5.3.18-150300.59.161.1

dtb-exynos: before 5.3.18-150300.59.161.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-mediatek: before 5.3.18-150300.59.161.1

dtb-apm: before 5.3.18-150300.59.161.1

dtb-broadcom: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-renesas: before 5.3.18-150300.59.161.1

kernel-64kb-devel: before 5.3.18-150300.59.161.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-amlogic: before 5.3.18-150300.59.161.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-64kb-extra: before 5.3.18-150300.59.161.1

dtb-rockchip: before 5.3.18-150300.59.161.1

dtb-sprd: before 5.3.18-150300.59.161.1

dtb-cavium: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-debugsource: before 5.3.18-150300.59.161.1

dtb-allwinner: before 5.3.18-150300.59.161.1

dtb-freescale: before 5.3.18-150300.59.161.1

dtb-zte: before 5.3.18-150300.59.161.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.161.1

dtb-xilinx: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.161.1

dtb-hisilicon: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-al: before 5.3.18-150300.59.161.1

dtb-lg: before 5.3.18-150300.59.161.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-qcom: before 5.3.18-150300.59.161.1

dtb-arm: before 5.3.18-150300.59.161.1

dtb-altera: before 5.3.18-150300.59.161.1

dtb-amd: before 5.3.18-150300.59.161.1

dtb-socionext: before 5.3.18-150300.59.161.1

dtb-nvidia: before 5.3.18-150300.59.161.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dlm-kmp-64kb: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-optional: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-aarch64: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.161.1

kernel-zfcpdump: before 5.3.18-150300.59.161.1

kernel-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-debugsource: before 5.3.18-150300.59.161.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional: before 5.3.18-150300.59.161.1

kernel-preempt-devel: before 5.3.18-150300.59.161.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_44-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.161.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-obs-qa: before 5.3.18-150300.59.161.1

kernel-obs-build: before 5.3.18-150300.59.161.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-default: before 5.3.18-150300.59.161.1

dlm-kmp-default: before 5.3.18-150300.59.161.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-livepatch: before 5.3.18-150300.59.161.1

kernel-default-extra: before 5.3.18-150300.59.161.1

kernel-default-optional: before 5.3.18-150300.59.161.1

kernel-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-default: before 5.3.18-150300.59.161.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-debugsource: before 5.3.18-150300.59.161.1

ocfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base-rebuild: before 5.3.18-150300.59.161.1.150300.18.94.1

reiserfs-kmp-default: before 5.3.18-150300.59.161.1

kernel-syms: before 5.3.18-150300.59.161.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.161.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.161.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base: before 5.3.18-150300.59.161.1.150300.18.94.1

kernel-default-devel: before 5.3.18-150300.59.161.1

kernel-debug-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug-devel: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.161.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug: before 5.3.18-150300.59.161.1

kernel-kvmsmall: before 5.3.18-150300.59.161.1

kernel-source: before 5.3.18-150300.59.161.1

kernel-source-vanilla: before 5.3.18-150300.59.161.1

kernel-devel: before 5.3.18-150300.59.161.1

kernel-docs-html: before 5.3.18-150300.59.161.2

kernel-macros: before 5.3.18-150300.59.161.1

kernel-docs: before 5.3.18-150300.59.161.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241642-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

36) NULL pointer dereference

EUVDB-ID: #VU90603

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26688

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the hugetlbfs_parse_param() function in fs/hugetlbfs/inode.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.161.1

dtb-marvell: before 5.3.18-150300.59.161.1

dtb-exynos: before 5.3.18-150300.59.161.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-mediatek: before 5.3.18-150300.59.161.1

dtb-apm: before 5.3.18-150300.59.161.1

dtb-broadcom: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-renesas: before 5.3.18-150300.59.161.1

kernel-64kb-devel: before 5.3.18-150300.59.161.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-amlogic: before 5.3.18-150300.59.161.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-64kb-extra: before 5.3.18-150300.59.161.1

dtb-rockchip: before 5.3.18-150300.59.161.1

dtb-sprd: before 5.3.18-150300.59.161.1

dtb-cavium: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-debugsource: before 5.3.18-150300.59.161.1

dtb-allwinner: before 5.3.18-150300.59.161.1

dtb-freescale: before 5.3.18-150300.59.161.1

dtb-zte: before 5.3.18-150300.59.161.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.161.1

dtb-xilinx: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.161.1

dtb-hisilicon: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-al: before 5.3.18-150300.59.161.1

dtb-lg: before 5.3.18-150300.59.161.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-qcom: before 5.3.18-150300.59.161.1

dtb-arm: before 5.3.18-150300.59.161.1

dtb-altera: before 5.3.18-150300.59.161.1

dtb-amd: before 5.3.18-150300.59.161.1

dtb-socionext: before 5.3.18-150300.59.161.1

dtb-nvidia: before 5.3.18-150300.59.161.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dlm-kmp-64kb: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-optional: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-aarch64: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.161.1

kernel-zfcpdump: before 5.3.18-150300.59.161.1

kernel-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-debugsource: before 5.3.18-150300.59.161.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional: before 5.3.18-150300.59.161.1

kernel-preempt-devel: before 5.3.18-150300.59.161.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_44-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.161.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-obs-qa: before 5.3.18-150300.59.161.1

kernel-obs-build: before 5.3.18-150300.59.161.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-default: before 5.3.18-150300.59.161.1

dlm-kmp-default: before 5.3.18-150300.59.161.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-livepatch: before 5.3.18-150300.59.161.1

kernel-default-extra: before 5.3.18-150300.59.161.1

kernel-default-optional: before 5.3.18-150300.59.161.1

kernel-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-default: before 5.3.18-150300.59.161.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-debugsource: before 5.3.18-150300.59.161.1

ocfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base-rebuild: before 5.3.18-150300.59.161.1.150300.18.94.1

reiserfs-kmp-default: before 5.3.18-150300.59.161.1

kernel-syms: before 5.3.18-150300.59.161.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.161.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.161.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base: before 5.3.18-150300.59.161.1.150300.18.94.1

kernel-default-devel: before 5.3.18-150300.59.161.1

kernel-debug-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug-devel: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.161.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug: before 5.3.18-150300.59.161.1

kernel-kvmsmall: before 5.3.18-150300.59.161.1

kernel-source: before 5.3.18-150300.59.161.1

kernel-source-vanilla: before 5.3.18-150300.59.161.1

kernel-devel: before 5.3.18-150300.59.161.1

kernel-docs-html: before 5.3.18-150300.59.161.2

kernel-macros: before 5.3.18-150300.59.161.1

kernel-docs: before 5.3.18-150300.59.161.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241642-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

37) Use-after-free

EUVDB-ID: #VU90220

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26689

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the __prep_cap() and __send_cap() functions in fs/ceph/caps.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.161.1

dtb-marvell: before 5.3.18-150300.59.161.1

dtb-exynos: before 5.3.18-150300.59.161.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-mediatek: before 5.3.18-150300.59.161.1

dtb-apm: before 5.3.18-150300.59.161.1

dtb-broadcom: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-renesas: before 5.3.18-150300.59.161.1

kernel-64kb-devel: before 5.3.18-150300.59.161.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-amlogic: before 5.3.18-150300.59.161.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-64kb-extra: before 5.3.18-150300.59.161.1

dtb-rockchip: before 5.3.18-150300.59.161.1

dtb-sprd: before 5.3.18-150300.59.161.1

dtb-cavium: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-debugsource: before 5.3.18-150300.59.161.1

dtb-allwinner: before 5.3.18-150300.59.161.1

dtb-freescale: before 5.3.18-150300.59.161.1

dtb-zte: before 5.3.18-150300.59.161.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.161.1

dtb-xilinx: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.161.1

dtb-hisilicon: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-al: before 5.3.18-150300.59.161.1

dtb-lg: before 5.3.18-150300.59.161.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-qcom: before 5.3.18-150300.59.161.1

dtb-arm: before 5.3.18-150300.59.161.1

dtb-altera: before 5.3.18-150300.59.161.1

dtb-amd: before 5.3.18-150300.59.161.1

dtb-socionext: before 5.3.18-150300.59.161.1

dtb-nvidia: before 5.3.18-150300.59.161.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dlm-kmp-64kb: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-optional: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-aarch64: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.161.1

kernel-zfcpdump: before 5.3.18-150300.59.161.1

kernel-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-debugsource: before 5.3.18-150300.59.161.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional: before 5.3.18-150300.59.161.1

kernel-preempt-devel: before 5.3.18-150300.59.161.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_44-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.161.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-obs-qa: before 5.3.18-150300.59.161.1

kernel-obs-build: before 5.3.18-150300.59.161.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-default: before 5.3.18-150300.59.161.1

dlm-kmp-default: before 5.3.18-150300.59.161.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-livepatch: before 5.3.18-150300.59.161.1

kernel-default-extra: before 5.3.18-150300.59.161.1

kernel-default-optional: before 5.3.18-150300.59.161.1

kernel-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-default: before 5.3.18-150300.59.161.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-debugsource: before 5.3.18-150300.59.161.1

ocfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base-rebuild: before 5.3.18-150300.59.161.1.150300.18.94.1

reiserfs-kmp-default: before 5.3.18-150300.59.161.1

kernel-syms: before 5.3.18-150300.59.161.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.161.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.161.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base: before 5.3.18-150300.59.161.1.150300.18.94.1

kernel-default-devel: before 5.3.18-150300.59.161.1

kernel-debug-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug-devel: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.161.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug: before 5.3.18-150300.59.161.1

kernel-kvmsmall: before 5.3.18-150300.59.161.1

kernel-source: before 5.3.18-150300.59.161.1

kernel-source-vanilla: before 5.3.18-150300.59.161.1

kernel-devel: before 5.3.18-150300.59.161.1

kernel-docs-html: before 5.3.18-150300.59.161.2

kernel-macros: before 5.3.18-150300.59.161.1

kernel-docs: before 5.3.18-150300.59.161.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241642-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

38) Buffer overflow

EUVDB-ID: #VU92952

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26733

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the arp_req_get() function in net/ipv4/arp.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.161.1

dtb-marvell: before 5.3.18-150300.59.161.1

dtb-exynos: before 5.3.18-150300.59.161.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-mediatek: before 5.3.18-150300.59.161.1

dtb-apm: before 5.3.18-150300.59.161.1

dtb-broadcom: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-renesas: before 5.3.18-150300.59.161.1

kernel-64kb-devel: before 5.3.18-150300.59.161.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-amlogic: before 5.3.18-150300.59.161.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-64kb-extra: before 5.3.18-150300.59.161.1

dtb-rockchip: before 5.3.18-150300.59.161.1

dtb-sprd: before 5.3.18-150300.59.161.1

dtb-cavium: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-debugsource: before 5.3.18-150300.59.161.1

dtb-allwinner: before 5.3.18-150300.59.161.1

dtb-freescale: before 5.3.18-150300.59.161.1

dtb-zte: before 5.3.18-150300.59.161.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.161.1

dtb-xilinx: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.161.1

dtb-hisilicon: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-al: before 5.3.18-150300.59.161.1

dtb-lg: before 5.3.18-150300.59.161.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-qcom: before 5.3.18-150300.59.161.1

dtb-arm: before 5.3.18-150300.59.161.1

dtb-altera: before 5.3.18-150300.59.161.1

dtb-amd: before 5.3.18-150300.59.161.1

dtb-socionext: before 5.3.18-150300.59.161.1

dtb-nvidia: before 5.3.18-150300.59.161.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dlm-kmp-64kb: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-optional: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-aarch64: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.161.1

kernel-zfcpdump: before 5.3.18-150300.59.161.1

kernel-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-debugsource: before 5.3.18-150300.59.161.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional: before 5.3.18-150300.59.161.1

kernel-preempt-devel: before 5.3.18-150300.59.161.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_44-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.161.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-obs-qa: before 5.3.18-150300.59.161.1

kernel-obs-build: before 5.3.18-150300.59.161.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-default: before 5.3.18-150300.59.161.1

dlm-kmp-default: before 5.3.18-150300.59.161.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-livepatch: before 5.3.18-150300.59.161.1

kernel-default-extra: before 5.3.18-150300.59.161.1

kernel-default-optional: before 5.3.18-150300.59.161.1

kernel-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-default: before 5.3.18-150300.59.161.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-debugsource: before 5.3.18-150300.59.161.1

ocfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base-rebuild: before 5.3.18-150300.59.161.1.150300.18.94.1

reiserfs-kmp-default: before 5.3.18-150300.59.161.1

kernel-syms: before 5.3.18-150300.59.161.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.161.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.161.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base: before 5.3.18-150300.59.161.1.150300.18.94.1

kernel-default-devel: before 5.3.18-150300.59.161.1

kernel-debug-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug-devel: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.161.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug: before 5.3.18-150300.59.161.1

kernel-kvmsmall: before 5.3.18-150300.59.161.1

kernel-source: before 5.3.18-150300.59.161.1

kernel-source-vanilla: before 5.3.18-150300.59.161.1

kernel-devel: before 5.3.18-150300.59.161.1

kernel-docs-html: before 5.3.18-150300.59.161.2

kernel-macros: before 5.3.18-150300.59.161.1

kernel-docs: before 5.3.18-150300.59.161.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241642-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

39) Use-after-free

EUVDB-ID: #VU90214

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26739

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the tcf_mirred_to_dev() function in net/sched/act_mirred.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.161.1

dtb-marvell: before 5.3.18-150300.59.161.1

dtb-exynos: before 5.3.18-150300.59.161.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-mediatek: before 5.3.18-150300.59.161.1

dtb-apm: before 5.3.18-150300.59.161.1

dtb-broadcom: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-renesas: before 5.3.18-150300.59.161.1

kernel-64kb-devel: before 5.3.18-150300.59.161.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-amlogic: before 5.3.18-150300.59.161.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-64kb-extra: before 5.3.18-150300.59.161.1

dtb-rockchip: before 5.3.18-150300.59.161.1

dtb-sprd: before 5.3.18-150300.59.161.1

dtb-cavium: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-debugsource: before 5.3.18-150300.59.161.1

dtb-allwinner: before 5.3.18-150300.59.161.1

dtb-freescale: before 5.3.18-150300.59.161.1

dtb-zte: before 5.3.18-150300.59.161.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.161.1

dtb-xilinx: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.161.1

dtb-hisilicon: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-al: before 5.3.18-150300.59.161.1

dtb-lg: before 5.3.18-150300.59.161.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-qcom: before 5.3.18-150300.59.161.1

dtb-arm: before 5.3.18-150300.59.161.1

dtb-altera: before 5.3.18-150300.59.161.1

dtb-amd: before 5.3.18-150300.59.161.1

dtb-socionext: before 5.3.18-150300.59.161.1

dtb-nvidia: before 5.3.18-150300.59.161.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dlm-kmp-64kb: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-optional: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-aarch64: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.161.1

kernel-zfcpdump: before 5.3.18-150300.59.161.1

kernel-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-debugsource: before 5.3.18-150300.59.161.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional: before 5.3.18-150300.59.161.1

kernel-preempt-devel: before 5.3.18-150300.59.161.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_44-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.161.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-obs-qa: before 5.3.18-150300.59.161.1

kernel-obs-build: before 5.3.18-150300.59.161.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-default: before 5.3.18-150300.59.161.1

dlm-kmp-default: before 5.3.18-150300.59.161.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-livepatch: before 5.3.18-150300.59.161.1

kernel-default-extra: before 5.3.18-150300.59.161.1

kernel-default-optional: before 5.3.18-150300.59.161.1

kernel-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-default: before 5.3.18-150300.59.161.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-debugsource: before 5.3.18-150300.59.161.1

ocfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base-rebuild: before 5.3.18-150300.59.161.1.150300.18.94.1

reiserfs-kmp-default: before 5.3.18-150300.59.161.1

kernel-syms: before 5.3.18-150300.59.161.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.161.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.161.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base: before 5.3.18-150300.59.161.1.150300.18.94.1

kernel-default-devel: before 5.3.18-150300.59.161.1

kernel-debug-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug-devel: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.161.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug: before 5.3.18-150300.59.161.1

kernel-kvmsmall: before 5.3.18-150300.59.161.1

kernel-source: before 5.3.18-150300.59.161.1

kernel-source-vanilla: before 5.3.18-150300.59.161.1

kernel-devel: before 5.3.18-150300.59.161.1

kernel-docs-html: before 5.3.18-150300.59.161.2

kernel-macros: before 5.3.18-150300.59.161.1

kernel-docs: before 5.3.18-150300.59.161.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241642-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

40) NULL pointer dereference

EUVDB-ID: #VU90596

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26744

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the module_param() function in drivers/infiniband/ulp/srpt/ib_srpt.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.161.1

dtb-marvell: before 5.3.18-150300.59.161.1

dtb-exynos: before 5.3.18-150300.59.161.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-mediatek: before 5.3.18-150300.59.161.1

dtb-apm: before 5.3.18-150300.59.161.1

dtb-broadcom: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-renesas: before 5.3.18-150300.59.161.1

kernel-64kb-devel: before 5.3.18-150300.59.161.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-amlogic: before 5.3.18-150300.59.161.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-64kb-extra: before 5.3.18-150300.59.161.1

dtb-rockchip: before 5.3.18-150300.59.161.1

dtb-sprd: before 5.3.18-150300.59.161.1

dtb-cavium: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-debugsource: before 5.3.18-150300.59.161.1

dtb-allwinner: before 5.3.18-150300.59.161.1

dtb-freescale: before 5.3.18-150300.59.161.1

dtb-zte: before 5.3.18-150300.59.161.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.161.1

dtb-xilinx: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.161.1

dtb-hisilicon: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-al: before 5.3.18-150300.59.161.1

dtb-lg: before 5.3.18-150300.59.161.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-qcom: before 5.3.18-150300.59.161.1

dtb-arm: before 5.3.18-150300.59.161.1

dtb-altera: before 5.3.18-150300.59.161.1

dtb-amd: before 5.3.18-150300.59.161.1

dtb-socionext: before 5.3.18-150300.59.161.1

dtb-nvidia: before 5.3.18-150300.59.161.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dlm-kmp-64kb: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-optional: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-aarch64: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.161.1

kernel-zfcpdump: before 5.3.18-150300.59.161.1

kernel-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-debugsource: before 5.3.18-150300.59.161.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional: before 5.3.18-150300.59.161.1

kernel-preempt-devel: before 5.3.18-150300.59.161.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_44-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.161.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-obs-qa: before 5.3.18-150300.59.161.1

kernel-obs-build: before 5.3.18-150300.59.161.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-default: before 5.3.18-150300.59.161.1

dlm-kmp-default: before 5.3.18-150300.59.161.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-livepatch: before 5.3.18-150300.59.161.1

kernel-default-extra: before 5.3.18-150300.59.161.1

kernel-default-optional: before 5.3.18-150300.59.161.1

kernel-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-default: before 5.3.18-150300.59.161.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-debugsource: before 5.3.18-150300.59.161.1

ocfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base-rebuild: before 5.3.18-150300.59.161.1.150300.18.94.1

reiserfs-kmp-default: before 5.3.18-150300.59.161.1

kernel-syms: before 5.3.18-150300.59.161.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.161.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.161.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base: before 5.3.18-150300.59.161.1.150300.18.94.1

kernel-default-devel: before 5.3.18-150300.59.161.1

kernel-debug-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug-devel: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.161.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug: before 5.3.18-150300.59.161.1

kernel-kvmsmall: before 5.3.18-150300.59.161.1

kernel-source: before 5.3.18-150300.59.161.1

kernel-source-vanilla: before 5.3.18-150300.59.161.1

kernel-devel: before 5.3.18-150300.59.161.1

kernel-docs-html: before 5.3.18-150300.59.161.2

kernel-macros: before 5.3.18-150300.59.161.1

kernel-docs: before 5.3.18-150300.59.161.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241642-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

41) Memory leak

EUVDB-ID: #VU91650

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26816

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the print_absolute_relocs() function in arch/x86/tools/relocs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.161.1

dtb-marvell: before 5.3.18-150300.59.161.1

dtb-exynos: before 5.3.18-150300.59.161.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-mediatek: before 5.3.18-150300.59.161.1

dtb-apm: before 5.3.18-150300.59.161.1

dtb-broadcom: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-renesas: before 5.3.18-150300.59.161.1

kernel-64kb-devel: before 5.3.18-150300.59.161.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-amlogic: before 5.3.18-150300.59.161.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-64kb-extra: before 5.3.18-150300.59.161.1

dtb-rockchip: before 5.3.18-150300.59.161.1

dtb-sprd: before 5.3.18-150300.59.161.1

dtb-cavium: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-debugsource: before 5.3.18-150300.59.161.1

dtb-allwinner: before 5.3.18-150300.59.161.1

dtb-freescale: before 5.3.18-150300.59.161.1

dtb-zte: before 5.3.18-150300.59.161.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.161.1

dtb-xilinx: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.161.1

dtb-hisilicon: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-al: before 5.3.18-150300.59.161.1

dtb-lg: before 5.3.18-150300.59.161.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-qcom: before 5.3.18-150300.59.161.1

dtb-arm: before 5.3.18-150300.59.161.1

dtb-altera: before 5.3.18-150300.59.161.1

dtb-amd: before 5.3.18-150300.59.161.1

dtb-socionext: before 5.3.18-150300.59.161.1

dtb-nvidia: before 5.3.18-150300.59.161.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dlm-kmp-64kb: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-optional: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-aarch64: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.161.1

kernel-zfcpdump: before 5.3.18-150300.59.161.1

kernel-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-debugsource: before 5.3.18-150300.59.161.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional: before 5.3.18-150300.59.161.1

kernel-preempt-devel: before 5.3.18-150300.59.161.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_44-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.161.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-obs-qa: before 5.3.18-150300.59.161.1

kernel-obs-build: before 5.3.18-150300.59.161.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-default: before 5.3.18-150300.59.161.1

dlm-kmp-default: before 5.3.18-150300.59.161.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-livepatch: before 5.3.18-150300.59.161.1

kernel-default-extra: before 5.3.18-150300.59.161.1

kernel-default-optional: before 5.3.18-150300.59.161.1

kernel-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-default: before 5.3.18-150300.59.161.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-debugsource: before 5.3.18-150300.59.161.1

ocfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base-rebuild: before 5.3.18-150300.59.161.1.150300.18.94.1

reiserfs-kmp-default: before 5.3.18-150300.59.161.1

kernel-syms: before 5.3.18-150300.59.161.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.161.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.161.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base: before 5.3.18-150300.59.161.1.150300.18.94.1

kernel-default-devel: before 5.3.18-150300.59.161.1

kernel-debug-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug-devel: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.161.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug: before 5.3.18-150300.59.161.1

kernel-kvmsmall: before 5.3.18-150300.59.161.1

kernel-source: before 5.3.18-150300.59.161.1

kernel-source-vanilla: before 5.3.18-150300.59.161.1

kernel-devel: before 5.3.18-150300.59.161.1

kernel-docs-html: before 5.3.18-150300.59.161.2

kernel-macros: before 5.3.18-150300.59.161.1

kernel-docs: before 5.3.18-150300.59.161.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241642-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

42) Memory leak

EUVDB-ID: #VU90005

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26840

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the kmem_cache_free() and cachefiles_daemon_unbind() functions in fs/cachefiles/bind.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.161.1

dtb-marvell: before 5.3.18-150300.59.161.1

dtb-exynos: before 5.3.18-150300.59.161.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-mediatek: before 5.3.18-150300.59.161.1

dtb-apm: before 5.3.18-150300.59.161.1

dtb-broadcom: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-renesas: before 5.3.18-150300.59.161.1

kernel-64kb-devel: before 5.3.18-150300.59.161.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-amlogic: before 5.3.18-150300.59.161.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-64kb-extra: before 5.3.18-150300.59.161.1

dtb-rockchip: before 5.3.18-150300.59.161.1

dtb-sprd: before 5.3.18-150300.59.161.1

dtb-cavium: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-debugsource: before 5.3.18-150300.59.161.1

dtb-allwinner: before 5.3.18-150300.59.161.1

dtb-freescale: before 5.3.18-150300.59.161.1

dtb-zte: before 5.3.18-150300.59.161.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.161.1

dtb-xilinx: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.161.1

dtb-hisilicon: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-al: before 5.3.18-150300.59.161.1

dtb-lg: before 5.3.18-150300.59.161.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-qcom: before 5.3.18-150300.59.161.1

dtb-arm: before 5.3.18-150300.59.161.1

dtb-altera: before 5.3.18-150300.59.161.1

dtb-amd: before 5.3.18-150300.59.161.1

dtb-socionext: before 5.3.18-150300.59.161.1

dtb-nvidia: before 5.3.18-150300.59.161.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dlm-kmp-64kb: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-optional: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-aarch64: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.161.1

kernel-zfcpdump: before 5.3.18-150300.59.161.1

kernel-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-debugsource: before 5.3.18-150300.59.161.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional: before 5.3.18-150300.59.161.1

kernel-preempt-devel: before 5.3.18-150300.59.161.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_44-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.161.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-obs-qa: before 5.3.18-150300.59.161.1

kernel-obs-build: before 5.3.18-150300.59.161.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-default: before 5.3.18-150300.59.161.1

dlm-kmp-default: before 5.3.18-150300.59.161.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-livepatch: before 5.3.18-150300.59.161.1

kernel-default-extra: before 5.3.18-150300.59.161.1

kernel-default-optional: before 5.3.18-150300.59.161.1

kernel-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-default: before 5.3.18-150300.59.161.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-debugsource: before 5.3.18-150300.59.161.1

ocfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base-rebuild: before 5.3.18-150300.59.161.1.150300.18.94.1

reiserfs-kmp-default: before 5.3.18-150300.59.161.1

kernel-syms: before 5.3.18-150300.59.161.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.161.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.161.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base: before 5.3.18-150300.59.161.1.150300.18.94.1

kernel-default-devel: before 5.3.18-150300.59.161.1

kernel-debug-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug-devel: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.161.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug: before 5.3.18-150300.59.161.1

kernel-kvmsmall: before 5.3.18-150300.59.161.1

kernel-source: before 5.3.18-150300.59.161.1

kernel-source-vanilla: before 5.3.18-150300.59.161.1

kernel-devel: before 5.3.18-150300.59.161.1

kernel-docs-html: before 5.3.18-150300.59.161.2

kernel-macros: before 5.3.18-150300.59.161.1

kernel-docs: before 5.3.18-150300.59.161.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241642-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

43) Use-after-free

EUVDB-ID: #VU90194

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26852

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ip6_route_multipath_add() and list_for_each_entry_safe() functions in net/ipv6/route.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.161.1

dtb-marvell: before 5.3.18-150300.59.161.1

dtb-exynos: before 5.3.18-150300.59.161.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-mediatek: before 5.3.18-150300.59.161.1

dtb-apm: before 5.3.18-150300.59.161.1

dtb-broadcom: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-renesas: before 5.3.18-150300.59.161.1

kernel-64kb-devel: before 5.3.18-150300.59.161.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-amlogic: before 5.3.18-150300.59.161.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-64kb-extra: before 5.3.18-150300.59.161.1

dtb-rockchip: before 5.3.18-150300.59.161.1

dtb-sprd: before 5.3.18-150300.59.161.1

dtb-cavium: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-debugsource: before 5.3.18-150300.59.161.1

dtb-allwinner: before 5.3.18-150300.59.161.1

dtb-freescale: before 5.3.18-150300.59.161.1

dtb-zte: before 5.3.18-150300.59.161.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.161.1

dtb-xilinx: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.161.1

dtb-hisilicon: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-al: before 5.3.18-150300.59.161.1

dtb-lg: before 5.3.18-150300.59.161.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-qcom: before 5.3.18-150300.59.161.1

dtb-arm: before 5.3.18-150300.59.161.1

dtb-altera: before 5.3.18-150300.59.161.1

dtb-amd: before 5.3.18-150300.59.161.1

dtb-socionext: before 5.3.18-150300.59.161.1

dtb-nvidia: before 5.3.18-150300.59.161.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dlm-kmp-64kb: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-optional: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-aarch64: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.161.1

kernel-zfcpdump: before 5.3.18-150300.59.161.1

kernel-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-debugsource: before 5.3.18-150300.59.161.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional: before 5.3.18-150300.59.161.1

kernel-preempt-devel: before 5.3.18-150300.59.161.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_44-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.161.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-obs-qa: before 5.3.18-150300.59.161.1

kernel-obs-build: before 5.3.18-150300.59.161.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-default: before 5.3.18-150300.59.161.1

dlm-kmp-default: before 5.3.18-150300.59.161.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-livepatch: before 5.3.18-150300.59.161.1

kernel-default-extra: before 5.3.18-150300.59.161.1

kernel-default-optional: before 5.3.18-150300.59.161.1

kernel-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-default: before 5.3.18-150300.59.161.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-debugsource: before 5.3.18-150300.59.161.1

ocfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base-rebuild: before 5.3.18-150300.59.161.1.150300.18.94.1

reiserfs-kmp-default: before 5.3.18-150300.59.161.1

kernel-syms: before 5.3.18-150300.59.161.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.161.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.161.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base: before 5.3.18-150300.59.161.1.150300.18.94.1

kernel-default-devel: before 5.3.18-150300.59.161.1

kernel-debug-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug-devel: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.161.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug: before 5.3.18-150300.59.161.1

kernel-kvmsmall: before 5.3.18-150300.59.161.1

kernel-source: before 5.3.18-150300.59.161.1

kernel-source-vanilla: before 5.3.18-150300.59.161.1

kernel-devel: before 5.3.18-150300.59.161.1

kernel-docs-html: before 5.3.18-150300.59.161.2

kernel-macros: before 5.3.18-150300.59.161.1

kernel-docs: before 5.3.18-150300.59.161.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241642-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

44) Race condition within a thread

EUVDB-ID: #VU91434

Risk: Low

CVSSv3.1: 2.9 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26862

CWE-ID: CWE-366 - Race Condition within a Thread

Exploit availability: No

Description

The vulnerability allows a local user to manipulate data.

The vulnerability exists due to a data race within the packet_setsockopt() and packet_getsockopt() functions in net/packet/af_packet.c, within the dev_queue_xmit_nit() function in net/core/dev.c. A local user can manipulate data.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.161.1

dtb-marvell: before 5.3.18-150300.59.161.1

dtb-exynos: before 5.3.18-150300.59.161.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-mediatek: before 5.3.18-150300.59.161.1

dtb-apm: before 5.3.18-150300.59.161.1

dtb-broadcom: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-renesas: before 5.3.18-150300.59.161.1

kernel-64kb-devel: before 5.3.18-150300.59.161.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-amlogic: before 5.3.18-150300.59.161.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-64kb-extra: before 5.3.18-150300.59.161.1

dtb-rockchip: before 5.3.18-150300.59.161.1

dtb-sprd: before 5.3.18-150300.59.161.1

dtb-cavium: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-debugsource: before 5.3.18-150300.59.161.1

dtb-allwinner: before 5.3.18-150300.59.161.1

dtb-freescale: before 5.3.18-150300.59.161.1

dtb-zte: before 5.3.18-150300.59.161.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.161.1

dtb-xilinx: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.161.1

dtb-hisilicon: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-al: before 5.3.18-150300.59.161.1

dtb-lg: before 5.3.18-150300.59.161.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-qcom: before 5.3.18-150300.59.161.1

dtb-arm: before 5.3.18-150300.59.161.1

dtb-altera: before 5.3.18-150300.59.161.1

dtb-amd: before 5.3.18-150300.59.161.1

dtb-socionext: before 5.3.18-150300.59.161.1

dtb-nvidia: before 5.3.18-150300.59.161.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dlm-kmp-64kb: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-optional: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-aarch64: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.161.1

kernel-zfcpdump: before 5.3.18-150300.59.161.1

kernel-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-debugsource: before 5.3.18-150300.59.161.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional: before 5.3.18-150300.59.161.1

kernel-preempt-devel: before 5.3.18-150300.59.161.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_44-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.161.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-obs-qa: before 5.3.18-150300.59.161.1

kernel-obs-build: before 5.3.18-150300.59.161.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-default: before 5.3.18-150300.59.161.1

dlm-kmp-default: before 5.3.18-150300.59.161.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-livepatch: before 5.3.18-150300.59.161.1

kernel-default-extra: before 5.3.18-150300.59.161.1

kernel-default-optional: before 5.3.18-150300.59.161.1

kernel-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-default: before 5.3.18-150300.59.161.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-debugsource: before 5.3.18-150300.59.161.1

ocfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base-rebuild: before 5.3.18-150300.59.161.1.150300.18.94.1

reiserfs-kmp-default: before 5.3.18-150300.59.161.1

kernel-syms: before 5.3.18-150300.59.161.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.161.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.161.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base: before 5.3.18-150300.59.161.1.150300.18.94.1

kernel-default-devel: before 5.3.18-150300.59.161.1

kernel-debug-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug-devel: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.161.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug: before 5.3.18-150300.59.161.1

kernel-kvmsmall: before 5.3.18-150300.59.161.1

kernel-source: before 5.3.18-150300.59.161.1

kernel-source-vanilla: before 5.3.18-150300.59.161.1

kernel-devel: before 5.3.18-150300.59.161.1

kernel-docs-html: before 5.3.18-150300.59.161.2

kernel-macros: before 5.3.18-150300.59.161.1

kernel-docs: before 5.3.18-150300.59.161.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241642-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

45) Use-after-free

EUVDB-ID: #VU90197

Risk: Low

CVSSv3.1: 6.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26898

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the tx() function in drivers/block/aoe/aoenet.c, within the aoecmd_cfg_pkts() function in drivers/block/aoe/aoecmd.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.161.1

dtb-marvell: before 5.3.18-150300.59.161.1

dtb-exynos: before 5.3.18-150300.59.161.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-mediatek: before 5.3.18-150300.59.161.1

dtb-apm: before 5.3.18-150300.59.161.1

dtb-broadcom: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-renesas: before 5.3.18-150300.59.161.1

kernel-64kb-devel: before 5.3.18-150300.59.161.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-amlogic: before 5.3.18-150300.59.161.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-64kb-extra: before 5.3.18-150300.59.161.1

dtb-rockchip: before 5.3.18-150300.59.161.1

dtb-sprd: before 5.3.18-150300.59.161.1

dtb-cavium: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-debugsource: before 5.3.18-150300.59.161.1

dtb-allwinner: before 5.3.18-150300.59.161.1

dtb-freescale: before 5.3.18-150300.59.161.1

dtb-zte: before 5.3.18-150300.59.161.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.161.1

dtb-xilinx: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.161.1

dtb-hisilicon: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-al: before 5.3.18-150300.59.161.1

dtb-lg: before 5.3.18-150300.59.161.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-qcom: before 5.3.18-150300.59.161.1

dtb-arm: before 5.3.18-150300.59.161.1

dtb-altera: before 5.3.18-150300.59.161.1

dtb-amd: before 5.3.18-150300.59.161.1

dtb-socionext: before 5.3.18-150300.59.161.1

dtb-nvidia: before 5.3.18-150300.59.161.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dlm-kmp-64kb: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-optional: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-aarch64: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.161.1

kernel-zfcpdump: before 5.3.18-150300.59.161.1

kernel-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-debugsource: before 5.3.18-150300.59.161.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional: before 5.3.18-150300.59.161.1

kernel-preempt-devel: before 5.3.18-150300.59.161.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_44-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.161.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-obs-qa: before 5.3.18-150300.59.161.1

kernel-obs-build: before 5.3.18-150300.59.161.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-default: before 5.3.18-150300.59.161.1

dlm-kmp-default: before 5.3.18-150300.59.161.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-livepatch: before 5.3.18-150300.59.161.1

kernel-default-extra: before 5.3.18-150300.59.161.1

kernel-default-optional: before 5.3.18-150300.59.161.1

kernel-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-default: before 5.3.18-150300.59.161.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-debugsource: before 5.3.18-150300.59.161.1

ocfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base-rebuild: before 5.3.18-150300.59.161.1.150300.18.94.1

reiserfs-kmp-default: before 5.3.18-150300.59.161.1

kernel-syms: before 5.3.18-150300.59.161.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.161.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.161.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base: before 5.3.18-150300.59.161.1.150300.18.94.1

kernel-default-devel: before 5.3.18-150300.59.161.1

kernel-debug-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug-devel: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.161.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug: before 5.3.18-150300.59.161.1

kernel-kvmsmall: before 5.3.18-150300.59.161.1

kernel-source: before 5.3.18-150300.59.161.1

kernel-source-vanilla: before 5.3.18-150300.59.161.1

kernel-devel: before 5.3.18-150300.59.161.1

kernel-docs-html: before 5.3.18-150300.59.161.2

kernel-macros: before 5.3.18-150300.59.161.1

kernel-docs: before 5.3.18-150300.59.161.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241642-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

46) NULL pointer dereference

EUVDB-ID: #VU92070

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26903

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the rfcomm_process_rx() function in net/bluetooth/rfcomm/core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.161.1

dtb-marvell: before 5.3.18-150300.59.161.1

dtb-exynos: before 5.3.18-150300.59.161.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-mediatek: before 5.3.18-150300.59.161.1

dtb-apm: before 5.3.18-150300.59.161.1

dtb-broadcom: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-renesas: before 5.3.18-150300.59.161.1

kernel-64kb-devel: before 5.3.18-150300.59.161.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-amlogic: before 5.3.18-150300.59.161.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-64kb-extra: before 5.3.18-150300.59.161.1

dtb-rockchip: before 5.3.18-150300.59.161.1

dtb-sprd: before 5.3.18-150300.59.161.1

dtb-cavium: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-debugsource: before 5.3.18-150300.59.161.1

dtb-allwinner: before 5.3.18-150300.59.161.1

dtb-freescale: before 5.3.18-150300.59.161.1

dtb-zte: before 5.3.18-150300.59.161.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.161.1

dtb-xilinx: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.161.1

dtb-hisilicon: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-al: before 5.3.18-150300.59.161.1

dtb-lg: before 5.3.18-150300.59.161.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-qcom: before 5.3.18-150300.59.161.1

dtb-arm: before 5.3.18-150300.59.161.1

dtb-altera: before 5.3.18-150300.59.161.1

dtb-amd: before 5.3.18-150300.59.161.1

dtb-socionext: before 5.3.18-150300.59.161.1

dtb-nvidia: before 5.3.18-150300.59.161.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dlm-kmp-64kb: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-optional: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-aarch64: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.161.1

kernel-zfcpdump: before 5.3.18-150300.59.161.1

kernel-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-debugsource: before 5.3.18-150300.59.161.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional: before 5.3.18-150300.59.161.1

kernel-preempt-devel: before 5.3.18-150300.59.161.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_44-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.161.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-obs-qa: before 5.3.18-150300.59.161.1

kernel-obs-build: before 5.3.18-150300.59.161.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-default: before 5.3.18-150300.59.161.1

dlm-kmp-default: before 5.3.18-150300.59.161.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-livepatch: before 5.3.18-150300.59.161.1

kernel-default-extra: before 5.3.18-150300.59.161.1

kernel-default-optional: before 5.3.18-150300.59.161.1

kernel-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-default: before 5.3.18-150300.59.161.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-debugsource: before 5.3.18-150300.59.161.1

ocfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base-rebuild: before 5.3.18-150300.59.161.1.150300.18.94.1

reiserfs-kmp-default: before 5.3.18-150300.59.161.1

kernel-syms: before 5.3.18-150300.59.161.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.161.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.161.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base: before 5.3.18-150300.59.161.1.150300.18.94.1

kernel-default-devel: before 5.3.18-150300.59.161.1

kernel-debug-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug-devel: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.161.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug: before 5.3.18-150300.59.161.1

kernel-kvmsmall: before 5.3.18-150300.59.161.1

kernel-source: before 5.3.18-150300.59.161.1

kernel-source-vanilla: before 5.3.18-150300.59.161.1

kernel-devel: before 5.3.18-150300.59.161.1

kernel-docs-html: before 5.3.18-150300.59.161.2

kernel-macros: before 5.3.18-150300.59.161.1

kernel-docs: before 5.3.18-150300.59.161.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241642-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

47) Improper error handling

EUVDB-ID: #VU92944

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26906

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the copy_from_kernel_nofault_allowed() function in arch/x86/mm/maccess.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.161.1

dtb-marvell: before 5.3.18-150300.59.161.1

dtb-exynos: before 5.3.18-150300.59.161.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-mediatek: before 5.3.18-150300.59.161.1

dtb-apm: before 5.3.18-150300.59.161.1

dtb-broadcom: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-renesas: before 5.3.18-150300.59.161.1

kernel-64kb-devel: before 5.3.18-150300.59.161.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-amlogic: before 5.3.18-150300.59.161.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-64kb-extra: before 5.3.18-150300.59.161.1

dtb-rockchip: before 5.3.18-150300.59.161.1

dtb-sprd: before 5.3.18-150300.59.161.1

dtb-cavium: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-debugsource: before 5.3.18-150300.59.161.1

dtb-allwinner: before 5.3.18-150300.59.161.1

dtb-freescale: before 5.3.18-150300.59.161.1

dtb-zte: before 5.3.18-150300.59.161.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.161.1

dtb-xilinx: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.161.1

dtb-hisilicon: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-al: before 5.3.18-150300.59.161.1

dtb-lg: before 5.3.18-150300.59.161.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-qcom: before 5.3.18-150300.59.161.1

dtb-arm: before 5.3.18-150300.59.161.1

dtb-altera: before 5.3.18-150300.59.161.1

dtb-amd: before 5.3.18-150300.59.161.1

dtb-socionext: before 5.3.18-150300.59.161.1

dtb-nvidia: before 5.3.18-150300.59.161.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dlm-kmp-64kb: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-optional: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-aarch64: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.161.1

kernel-zfcpdump: before 5.3.18-150300.59.161.1

kernel-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-debugsource: before 5.3.18-150300.59.161.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional: before 5.3.18-150300.59.161.1

kernel-preempt-devel: before 5.3.18-150300.59.161.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_44-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.161.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-obs-qa: before 5.3.18-150300.59.161.1

kernel-obs-build: before 5.3.18-150300.59.161.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-default: before 5.3.18-150300.59.161.1

dlm-kmp-default: before 5.3.18-150300.59.161.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-livepatch: before 5.3.18-150300.59.161.1

kernel-default-extra: before 5.3.18-150300.59.161.1

kernel-default-optional: before 5.3.18-150300.59.161.1

kernel-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-default: before 5.3.18-150300.59.161.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-debugsource: before 5.3.18-150300.59.161.1

ocfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base-rebuild: before 5.3.18-150300.59.161.1.150300.18.94.1

reiserfs-kmp-default: before 5.3.18-150300.59.161.1

kernel-syms: before 5.3.18-150300.59.161.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.161.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.161.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base: before 5.3.18-150300.59.161.1.150300.18.94.1

kernel-default-devel: before 5.3.18-150300.59.161.1

kernel-debug-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug-devel: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.161.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug: before 5.3.18-150300.59.161.1

kernel-kvmsmall: before 5.3.18-150300.59.161.1

kernel-source: before 5.3.18-150300.59.161.1

kernel-source-vanilla: before 5.3.18-150300.59.161.1

kernel-devel: before 5.3.18-150300.59.161.1

kernel-docs-html: before 5.3.18-150300.59.161.2

kernel-macros: before 5.3.18-150300.59.161.1

kernel-docs: before 5.3.18-150300.59.161.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241642-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

48) Use-after-free

EUVDB-ID: #VU90178

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27043

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the dvb_register_device() function in drivers/media/dvb-core/dvbdev.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Live Patching: 15-SP3

SUSE Linux Enterprise Micro for Rancher: 5.2

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise High Availability Extension 15: SP3

SUSE Linux Enterprise Server for SAP Applications 15: SP3

SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3

SUSE Linux Enterprise Server 15: SP3

SUSE Linux Enterprise High Performance Computing LTSS 15: SP3

SUSE Linux Enterprise High Performance Computing 15: SP3

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Micro: 5.1 - 5.2

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

kernel-64kb: before 5.3.18-150300.59.161.1

dtb-marvell: before 5.3.18-150300.59.161.1

dtb-exynos: before 5.3.18-150300.59.161.1

kernel-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-mediatek: before 5.3.18-150300.59.161.1

dtb-apm: before 5.3.18-150300.59.161.1

dtb-broadcom: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-renesas: before 5.3.18-150300.59.161.1

kernel-64kb-devel: before 5.3.18-150300.59.161.1

dlm-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-amlogic: before 5.3.18-150300.59.161.1

kernel-64kb-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-64kb-extra: before 5.3.18-150300.59.161.1

dtb-rockchip: before 5.3.18-150300.59.161.1

dtb-sprd: before 5.3.18-150300.59.161.1

dtb-cavium: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-debugsource: before 5.3.18-150300.59.161.1

dtb-allwinner: before 5.3.18-150300.59.161.1

dtb-freescale: before 5.3.18-150300.59.161.1

dtb-zte: before 5.3.18-150300.59.161.1

kernel-64kb-livepatch-devel: before 5.3.18-150300.59.161.1

dtb-xilinx: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb: before 5.3.18-150300.59.161.1

dtb-hisilicon: before 5.3.18-150300.59.161.1

reiserfs-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-al: before 5.3.18-150300.59.161.1

dtb-lg: before 5.3.18-150300.59.161.1

kernel-64kb-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-qcom: before 5.3.18-150300.59.161.1

dtb-arm: before 5.3.18-150300.59.161.1

dtb-altera: before 5.3.18-150300.59.161.1

dtb-amd: before 5.3.18-150300.59.161.1

dtb-socionext: before 5.3.18-150300.59.161.1

dtb-nvidia: before 5.3.18-150300.59.161.1

kernel-64kb-devel-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-64kb: before 5.3.18-150300.59.161.1

gfs2-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dlm-kmp-64kb: before 5.3.18-150300.59.161.1

ocfs2-kmp-64kb: before 5.3.18-150300.59.161.1

kernel-64kb-optional: before 5.3.18-150300.59.161.1

kselftests-kmp-64kb-debuginfo: before 5.3.18-150300.59.161.1

dtb-aarch64: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debugsource: before 5.3.18-150300.59.161.1

kernel-zfcpdump-debuginfo: before 5.3.18-150300.59.161.1

kernel-zfcpdump: before 5.3.18-150300.59.161.1

kernel-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-debugsource: before 5.3.18-150300.59.161.1

kernel-preempt-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt: before 5.3.18-150300.59.161.1

kselftests-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-devel-debuginfo: before 5.3.18-150300.59.161.1

reiserfs-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

kernel-preempt-extra: before 5.3.18-150300.59.161.1

gfs2-kmp-preempt: before 5.3.18-150300.59.161.1

dlm-kmp-preempt-debuginfo: before 5.3.18-150300.59.161.1

ocfs2-kmp-preempt: before 5.3.18-150300.59.161.1

kernel-preempt-optional: before 5.3.18-150300.59.161.1

kernel-preempt-devel: before 5.3.18-150300.59.161.1

kernel-preempt-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-preempt: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default-debuginfo: before 1-150300.7.3.1

kernel-livepatch-SLE15-SP3_Update_44-debugsource: before 1-150300.7.3.1

kernel-livepatch-5_3_18-150300_59_161-default: before 1-150300.7.3.1

kernel-default: before 5.3.18-150300.59.161.1

dlm-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-optional-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-obs-qa: before 5.3.18-150300.59.161.1

kernel-obs-build: before 5.3.18-150300.59.161.1

ocfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kselftests-kmp-default: before 5.3.18-150300.59.161.1

dlm-kmp-default: before 5.3.18-150300.59.161.1

kselftests-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-extra-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-livepatch: before 5.3.18-150300.59.161.1

kernel-default-extra: before 5.3.18-150300.59.161.1

kernel-default-optional: before 5.3.18-150300.59.161.1

kernel-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

cluster-md-kmp-default: before 5.3.18-150300.59.161.1

cluster-md-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

kernel-default-debugsource: before 5.3.18-150300.59.161.1

ocfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base-rebuild: before 5.3.18-150300.59.161.1.150300.18.94.1

reiserfs-kmp-default: before 5.3.18-150300.59.161.1

kernel-syms: before 5.3.18-150300.59.161.1

kernel-obs-build-debugsource: before 5.3.18-150300.59.161.1

kernel-default-livepatch-devel: before 5.3.18-150300.59.161.1

reiserfs-kmp-default-debuginfo: before 5.3.18-150300.59.161.1

gfs2-kmp-default: before 5.3.18-150300.59.161.1

kernel-default-base: before 5.3.18-150300.59.161.1.150300.18.94.1

kernel-default-devel: before 5.3.18-150300.59.161.1

kernel-debug-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debugsource: before 5.3.18-150300.59.161.1

kernel-kvmsmall-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug-devel: before 5.3.18-150300.59.161.1

kernel-kvmsmall-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-debug-devel-debuginfo: before 5.3.18-150300.59.161.1

kernel-kvmsmall-devel: before 5.3.18-150300.59.161.1

kernel-debug-livepatch-devel: before 5.3.18-150300.59.161.1

kernel-debug: before 5.3.18-150300.59.161.1

kernel-kvmsmall: before 5.3.18-150300.59.161.1

kernel-source: before 5.3.18-150300.59.161.1

kernel-source-vanilla: before 5.3.18-150300.59.161.1

kernel-devel: before 5.3.18-150300.59.161.1

kernel-docs-html: before 5.3.18-150300.59.161.2

kernel-macros: before 5.3.18-150300.59.161.1

kernel-docs: before 5.3.18-150300.59.161.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241642-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###