SUSE update for the Linux Kernel



Risk Medium
Patch available YES
Number of vulnerabilities 89
CVE-ID CVE-2021-47047
CVE-2021-47181
CVE-2021-47182
CVE-2021-47183
CVE-2021-47184
CVE-2021-47185
CVE-2021-47187
CVE-2021-47188
CVE-2021-47189
CVE-2021-47191
CVE-2021-47192
CVE-2021-47193
CVE-2021-47194
CVE-2021-47195
CVE-2021-47196
CVE-2021-47197
CVE-2021-47198
CVE-2021-47199
CVE-2021-47200
CVE-2021-47201
CVE-2021-47202
CVE-2021-47203
CVE-2021-47204
CVE-2021-47205
CVE-2021-47206
CVE-2021-47207
CVE-2021-47209
CVE-2021-47210
CVE-2021-47211
CVE-2021-47212
CVE-2021-47215
CVE-2021-47216
CVE-2021-47217
CVE-2021-47218
CVE-2021-47219
CVE-2022-48631
CVE-2022-48637
CVE-2022-48638
CVE-2022-48647
CVE-2022-48648
CVE-2022-48650
CVE-2022-48651
CVE-2022-48653
CVE-2022-48654
CVE-2022-48655
CVE-2022-48656
CVE-2022-48657
CVE-2022-48660
CVE-2022-48662
CVE-2022-48663
CVE-2022-48667
CVE-2022-48668
CVE-2023-0160
CVE-2023-52476
CVE-2023-52500
CVE-2023-52590
CVE-2023-52591
CVE-2023-52607
CVE-2023-52616
CVE-2023-52628
CVE-2023-6270
CVE-2023-7042
CVE-2023-7192
CVE-2024-0841
CVE-2024-22099
CVE-2024-23307
CVE-2024-23848
CVE-2024-23850
CVE-2024-25742
CVE-2024-26601
CVE-2024-26610
CVE-2024-26614
CVE-2024-26642
CVE-2024-26687
CVE-2024-26688
CVE-2024-26689
CVE-2024-26704
CVE-2024-26727
CVE-2024-26733
CVE-2024-26739
CVE-2024-26764
CVE-2024-26766
CVE-2024-26773
CVE-2024-26792
CVE-2024-26816
CVE-2024-26898
CVE-2024-26903
CVE-2024-27043
CVE-2024-27389
CWE-ID CWE-119
CWE-476
CWE-667
CWE-399
CWE-362
CWE-125
CWE-371
CWE-401
CWE-665
CWE-416
CWE-20
CWE-388
CWE-200
CWE-121
CWE-190
CWE-617
CWE-94
CWE-284
CWE-415
CWE-193
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe 		SUSE Linux Enterprise Server 15 SP4 LTSS
Operating systems & Components / Operating system

SUSE Linux Enterprise High Performance Computing LTSS 15
Operating systems & Components / Operating system

SUSE Linux Enterprise High Performance Computing ESPOS 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Desktop 15 SP4 LTSS
Operating systems & Components / Operating system

openSUSE Leap Micro
Operating systems & Components / Operating system

SUSE Linux Enterprise Micro for Rancher
Operating systems & Components / Operating system

SUSE Linux Enterprise High Availability Extension 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Micro
Operating systems & Components / Operating system

SUSE Linux Enterprise Live Patching
Operating systems & Components / Operating system

SUSE Linux Enterprise Server for SAP Applications 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Server 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Real Time 15
Operating systems & Components / Operating system

SUSE Linux Enterprise High Performance Computing 15
Operating systems & Components / Operating system

SUSE Manager Retail Branch Server
Operating systems & Components / Operating system

SUSE Manager Server
Operating systems & Components / Operating system

SUSE Manager Proxy
Operating systems & Components / Operating system

openSUSE Leap
Operating systems & Components / Operating system

cluster-md-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

kernel-64kb-extra
Operating systems & Components / Operating system package or component

dtb-allwinner
Operating systems & Components / Operating system package or component

kernel-64kb-optional
Operating systems & Components / Operating system package or component

kernel-64kb-optional-debuginfo
Operating systems & Components / Operating system package or component

dtb-sprd
Operating systems & Components / Operating system package or component

dtb-qcom
Operating systems & Components / Operating system package or component

dtb-apple
Operating systems & Components / Operating system package or component

dtb-cavium
Operating systems & Components / Operating system package or component

kernel-64kb-extra-debuginfo
Operating systems & Components / Operating system package or component

dtb-exynos
Operating systems & Components / Operating system package or component

ocfs2-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

dtb-amd
Operating systems & Components / Operating system package or component

dtb-broadcom
Operating systems & Components / Operating system package or component

dtb-hisilicon
Operating systems & Components / Operating system package or component

dtb-amlogic
Operating systems & Components / Operating system package or component

cluster-md-kmp-64kb
Operating systems & Components / Operating system package or component

dtb-xilinx
Operating systems & Components / Operating system package or component

dtb-socionext
Operating systems & Components / Operating system package or component

dtb-lg
Operating systems & Components / Operating system package or component

dtb-altera
Operating systems & Components / Operating system package or component

reiserfs-kmp-64kb
Operating systems & Components / Operating system package or component

dtb-renesas
Operating systems & Components / Operating system package or component

gfs2-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

dlm-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

dtb-marvell
Operating systems & Components / Operating system package or component

dtb-arm
Operating systems & Components / Operating system package or component

reiserfs-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

gfs2-kmp-64kb
Operating systems & Components / Operating system package or component

dlm-kmp-64kb
Operating systems & Components / Operating system package or component

dtb-amazon
Operating systems & Components / Operating system package or component

dtb-mediatek
Operating systems & Components / Operating system package or component

kernel-64kb-livepatch-devel
Operating systems & Components / Operating system package or component

ocfs2-kmp-64kb
Operating systems & Components / Operating system package or component

dtb-apm
Operating systems & Components / Operating system package or component

kselftests-kmp-64kb-debuginfo
Operating systems & Components / Operating system package or component

dtb-freescale
Operating systems & Components / Operating system package or component

kselftests-kmp-64kb
Operating systems & Components / Operating system package or component

dtb-rockchip
Operating systems & Components / Operating system package or component

dtb-nvidia
Operating systems & Components / Operating system package or component

dtb-aarch64
Operating systems & Components / Operating system package or component

kernel-kvmsmall
Operating systems & Components / Operating system package or component

kselftests-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

kselftests-kmp-default
Operating systems & Components / Operating system package or component

kernel-default-optional
Operating systems & Components / Operating system package or component

kernel-default-optional-debuginfo
Operating systems & Components / Operating system package or component

kernel-obs-qa
Operating systems & Components / Operating system package or component

kernel-kvmsmall-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-base-rebuild
Operating systems & Components / Operating system package or component

kernel-kvmsmall-livepatch-devel
Operating systems & Components / Operating system package or component

kernel-kvmsmall-devel
Operating systems & Components / Operating system package or component

kernel-kvmsmall-debugsource
Operating systems & Components / Operating system package or component

kernel-kvmsmall-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-debug-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-debug-devel
Operating systems & Components / Operating system package or component

kernel-debug-debugsource
Operating systems & Components / Operating system package or component

kernel-debug-livepatch-devel
Operating systems & Components / Operating system package or component

kernel-debug-debuginfo
Operating systems & Components / Operating system package or component

kernel-debug
Operating systems & Components / Operating system package or component

kernel-docs-html
Operating systems & Components / Operating system package or component

kernel-source-vanilla
Operating systems & Components / Operating system package or component

kernel-zfcpdump-debuginfo
Operating systems & Components / Operating system package or component

kernel-zfcpdump-debugsource
Operating systems & Components / Operating system package or component

kernel-zfcpdump
Operating systems & Components / Operating system package or component

kernel-default-extra-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-extra
Operating systems & Components / Operating system package or component

kernel-docs
Operating systems & Components / Operating system package or component

kernel-source
Operating systems & Components / Operating system package or component

kernel-macros
Operating systems & Components / Operating system package or component

kernel-devel
Operating systems & Components / Operating system package or component

kernel-obs-build-debugsource
Operating systems & Components / Operating system package or component

reiserfs-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-obs-build
Operating systems & Components / Operating system package or component

kernel-default-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-devel
Operating systems & Components / Operating system package or component

reiserfs-kmp-default
Operating systems & Components / Operating system package or component

kernel-syms
Operating systems & Components / Operating system package or component

kernel-64kb-debugsource
Operating systems & Components / Operating system package or component

kernel-64kb-debuginfo
Operating systems & Components / Operating system package or component

kernel-64kb-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-64kb-devel
Operating systems & Components / Operating system package or component

kernel-64kb
Operating systems & Components / Operating system package or component

dlm-kmp-default
Operating systems & Components / Operating system package or component

cluster-md-kmp-default
Operating systems & Components / Operating system package or component

dlm-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

gfs2-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

ocfs2-kmp-default
Operating systems & Components / Operating system package or component

cluster-md-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

gfs2-kmp-default
Operating systems & Components / Operating system package or component

ocfs2-kmp-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-livepatch
Operating systems & Components / Operating system package or component

kernel-livepatch-5_14_21-150400_24_119-default
Operating systems & Components / Operating system package or component

kernel-livepatch-SLE15-SP4_Update_26-debugsource
Operating systems & Components / Operating system package or component

kernel-default-livepatch-devel
Operating systems & Components / Operating system package or component

kernel-default-debuginfo
Operating systems & Components / Operating system package or component

kernel-default-debugsource
Operating systems & Components / Operating system package or component

kernel-default-base
Operating systems & Components / Operating system package or component

kernel-default
Operating systems & Components / Operating system package or component

Vendor SUSE

Security Bulletin

This security bulletin contains information about 89 vulnerabilities.

1) Buffer overflow

EUVDB-ID: #VU93669

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47047

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the zynqmp_qspi_irq(), zynqmp_qspi_setuprxdma(), zynqmp_qspi_write_op(), zynqmp_qspi_exec_op() and zynqmp_qspi_probe() functions in drivers/spi/spi-zynqmp-gqspi.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) NULL pointer dereference

EUVDB-ID: #VU92071

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47181

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the tusb_musb_init() function in drivers/usb/musb/tusb6010.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Buffer overflow

EUVDB-ID: #VU89395

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47182

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the scsi_mode_sense() function in drivers/scsi/scsi_lib.c. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) NULL pointer dereference

EUVDB-ID: #VU90586

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47183

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the lpfc_sli_issue_abort_iotag() function in drivers/scsi/lpfc/lpfc_sli.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) NULL pointer dereference

EUVDB-ID: #VU90587

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47184

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the i40e_sync_filters_subtask() and i40e_vsi_release() functions in drivers/net/ethernet/intel/i40e/i40e_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Improper locking

EUVDB-ID: #VU91528

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47185

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the flush_to_ldisc() function in drivers/tty/tty_buffer.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Improper locking

EUVDB-ID: #VU91527

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47187

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the arch/arm64/boot/dts/qcom/msm8998.dtsi. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Resource management error

EUVDB-ID: #VU93843

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47188

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the ufshcd_abort() function in drivers/scsi/ufs/ufshcd.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Race condition

EUVDB-ID: #VU93380

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47189

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a race condition within the run_ordered_work() and normal_work_helper() functions in fs/btrfs/async-thread.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Out-of-bounds read

EUVDB-ID: #VU90325

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47191

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the resp_readcap16() function in drivers/scsi/scsi_debug.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) State Issues

EUVDB-ID: #VU89240

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47192

CWE-ID: CWE-371 - State Issues

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an error during iSCSI recovery within the store_state_field() function in drivers/scsi/scsi_sysfs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Memory leak

EUVDB-ID: #VU90008

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47193

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the pm8001_init_ccb_tag(), pm8001_pci_remove() and remove() functions in drivers/scsi/pm8001/pm8001_init.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Improper initialization

EUVDB-ID: #VU92392

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47194

CWE-ID: CWE-665 - Improper Initialization

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to improper initialization error within the cfg80211_change_iface() function in net/wireless/util.c. A local user can execute arbitrary code.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Use-after-free

EUVDB-ID: #VU90204

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47195

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the spi_unregister_controller() function in drivers/spi/spi.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Use-after-free

EUVDB-ID: #VU90203

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47196

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the create_qp() function in drivers/infiniband/core/verbs.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) NULL pointer dereference

EUVDB-ID: #VU93057

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47197

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the mlx5_debug_cq_remove() function in drivers/net/ethernet/mellanox/mlx5/core/debugfs.c, within the mlx5_core_destroy_cq() function in drivers/net/ethernet/mellanox/mlx5/core/cq.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Use-after-free

EUVDB-ID: #VU90208

Risk: Low

CVSSv3.1: 6.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47198

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the lpfc_mbx_cmpl_fc_reg_login() function in drivers/scsi/lpfc/lpfc_hbadisc.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Memory leak

EUVDB-ID: #VU90476

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47199

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the parse_tc_nic_actions() and parse_tc_fdb_actions() functions in drivers/net/ethernet/mellanox/mlx5/core/en_tc.c, within the mlx5_tc_ct_match_add(), mlx5_tc_ct_parse_action() and __mlx5_tc_ct_flow_offload_clear() functions in drivers/net/ethernet/mellanox/mlx5/core/en/tc_ct.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Use-after-free

EUVDB-ID: #VU90206

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47200

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the drm_gem_prime_mmap() function in drivers/gpu/drm/drm_prime.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Resource management error

EUVDB-ID: #VU92971

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47201

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the iavf_disable_vf() function in drivers/net/ethernet/intel/iavf/iavf_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) NULL pointer dereference

EUVDB-ID: #VU90582

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47202

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the of_thermal_get_temp(), of_thermal_set_emul_temp(), of_thermal_get_trend() and of_thermal_set_trip_temp() functions in drivers/thermal/of-thermal.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Buffer overflow

EUVDB-ID: #VU93156

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47203

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the lpfc_drain_txq() function in drivers/scsi/lpfc/lpfc_sli.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Use-after-free

EUVDB-ID: #VU90205

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47204

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the dpaa2_eth_remove() function in drivers/net/ethernet/freescale/dpaa2/dpaa2-eth.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Memory leak

EUVDB-ID: #VU90007

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47205

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the DEFINE_SPINLOCK() and devm_sunxi_ccu_release() functions in drivers/clk/sunxi-ng/ccu_common.c, within the suniv_f1c100s_ccu_setup() function in drivers/clk/sunxi-ng/ccu-suniv-f1c100s.c, within the sun9i_a80_ccu_probe() function in drivers/clk/sunxi-ng/ccu-sun9i-a80.c, within the sun9i_a80_usb_clk_probe() function in drivers/clk/sunxi-ng/ccu-sun9i-a80-usb.c, within the sun9i_a80_de_clk_probe() function in drivers/clk/sunxi-ng/ccu-sun9i-a80-de.c, within the sun8i_v3_v3s_ccu_init() function in drivers/clk/sunxi-ng/ccu-sun8i-v3s.c, within the sun8i_r40_ccu_probe() function in drivers/clk/sunxi-ng/ccu-sun8i-r40.c, within the sunxi_h3_h5_ccu_init() function in drivers/clk/sunxi-ng/ccu-sun8i-h3.c, within the sunxi_de2_clk_probe() function in drivers/clk/sunxi-ng/ccu-sun8i-de2.c, within the sun8i_a83t_ccu_probe() function in drivers/clk/sunxi-ng/ccu-sun8i-a83t.c, within the sun8i_a33_ccu_setup() and ccu_pll_notifier_register() functions in drivers/clk/sunxi-ng/ccu-sun8i-a33.c, within the sun8i_a23_ccu_setup() function in drivers/clk/sunxi-ng/ccu-sun8i-a23.c, within the sun6i_a31_ccu_setup() function in drivers/clk/sunxi-ng/ccu-sun6i-a31.c, within the sun5i_ccu_init() function in drivers/clk/sunxi-ng/ccu-sun5i.c, within the sun50i_h616_ccu_setup() function in drivers/clk/sunxi-ng/ccu-sun50i-h616.c, within the sun50i_h6_ccu_probe() function in drivers/clk/sunxi-ng/ccu-sun50i-h6.c, within the sunxi_r_ccu_init() function in drivers/clk/sunxi-ng/ccu-sun50i-h6-r.c, within the sun50i_a64_ccu_probe() function in drivers/clk/sunxi-ng/ccu-sun50i-a64.c, within the sun50i_a100_ccu_probe() function in drivers/clk/sunxi-ng/ccu-sun50i-a100.c, within the sun50i_a100_r_ccu_probe() function in drivers/clk/sunxi-ng/ccu-sun50i-a100-r.c, within the sun4i_ccu_init() and sunxi_ccu_probe() functions in drivers/clk/sunxi-ng/ccu-sun4i-a10.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) NULL pointer dereference

EUVDB-ID: #VU92072

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47206

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the ohci_hcd_tmio_drv_probe() function in drivers/usb/host/ohci-tmio.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) NULL pointer dereference

EUVDB-ID: #VU90583

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47207

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the snd_gf1_dma_interrupt() function in sound/isa/gus/gus_dma.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) Use-after-free

EUVDB-ID: #VU90207

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47209

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the rq_of_rt_se() and rt_rq_of_se() functions in kernel/sched/rt.c, within the free_fair_sched_group() and unregister_fair_sched_group() functions in kernel/sched/fair.c, within the sched_free_group(), sched_online_group(), cpu_cgroup_css_released() and cpu_cgroup_css_free() functions in kernel/sched/core.c, within the autogroup_destroy() function in kernel/sched/autogroup.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

28) Input validation error

EUVDB-ID: #VU93688

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47210

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the tps6598x_block_read() function in drivers/usb/typec/tps6598x.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

29) NULL pointer dereference

EUVDB-ID: #VU89394

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47211

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the snd_usb_set_sample_rate_v2v3() function in sound/usb/clock.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

30) Error Handling

EUVDB-ID: #VU89241

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47212

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to incorrect error handling within the mlx5_internal_err_ret_value() function in drivers/net/ethernet/mellanox/mlx5/core/cmd.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

31) Buffer overflow

EUVDB-ID: #VU93157

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47215

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the DECLARE_BITMAP(), resync_handle_seq_match(), mlx5e_ktls_add_rx() and mlx5e_ktls_rx_handle_resync_list() functions in drivers/net/ethernet/mellanox/mlx5/core/en_accel/ktls_rx.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

32) Memory leak

EUVDB-ID: #VU91648

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47216

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the asc_prt_adv_board_info() function in drivers/scsi/advansys.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

33) NULL pointer dereference

EUVDB-ID: #VU90584

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47217

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the set_hv_tscchange_cb() function in arch/x86/hyperv/hv_init.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

34) NULL pointer dereference

EUVDB-ID: #VU90585

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47218

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the hashtab_compute_size() function in security/selinux/ss/hashtab.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

35) Out-of-bounds read

EUVDB-ID: #VU90324

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47219

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the resp_report_tgtpgs() function in drivers/scsi/scsi_debug.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

36) Improper locking

EUVDB-ID: #VU92033

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-48631

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the __ext4_ext_check() function in fs/ext4/extents.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

37) Use-after-free

EUVDB-ID: #VU90189

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-48637

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the bnxt_tx_int() function in drivers/net/ethernet/broadcom/bnxt/bnxt.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

38) Input validation error

EUVDB-ID: #VU93687

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-48638

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the cgroup_get_from_id() function in kernel/cgroup/cgroup.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

39) NULL pointer dereference

EUVDB-ID: #VU90564

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-48647

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the efx_probe_interrupts() function in drivers/net/ethernet/sfc/efx_channels.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

40) NULL pointer dereference

EUVDB-ID: #VU90566

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-48648

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the efx_hard_start_xmit() function in drivers/net/ethernet/sfc/tx.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

41) Memory leak

EUVDB-ID: #VU89997

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-48650

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the __qlt_24xx_handle_abts() function in drivers/scsi/qla2xxx/qla_target.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

42) Out-of-bounds read

EUVDB-ID: #VU89680

Risk: Medium

CVSSv3.1: 4.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-48651

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in drivers/net/ipvlan/ipvlan_core.c. A remote attacker on the local network can send specially crafted packets to the system, trigger an out-of-bounds read error and read contents of memory on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

43) Improper locking

EUVDB-ID: #VU92032

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-48653

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the ice_schedule_reset() function in drivers/net/ethernet/intel/ice/ice_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

44) Memory leak

EUVDB-ID: #VU91645

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-48654

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to memory leak within the nf_osf_find() function in net/netfilter/nfnetlink_osf.c. A local user can gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

45) Out-of-bounds read

EUVDB-ID: #VU91400

Risk: Low

CVSSv3.1: 6.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-48655

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to an out-of-bounds read error within the scmi_domain_reset() function in drivers/firmware/arm_scmi/reset.c. A local user can execute arbitrary code.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

46) Information disclosure

EUVDB-ID: #VU91362

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-48656

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to information disclosure within the of_xudma_dev_get() function in drivers/dma/ti/k3-udma-private.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

47) Buffer overflow

EUVDB-ID: #VU91438

Risk: Low

CVSSv3.1: 6.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-48657

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to memory corruption within the validate_cpu_freq_invariance_counters() function in arch/arm64/kernel/topology.c. A local user can execute arbitrary code.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

48) Resource management error

EUVDB-ID: #VU93198

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-48660

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the lineevent_create() function in drivers/gpio/gpiolib-cdev.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

49) Resource management error

EUVDB-ID: #VU93197

Risk: Low

CVSSv3.1: 6.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-48662

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to resource management error within the i915_gem_context_release() and context_close() functions in drivers/gpu/drm/i915/gem/i915_gem_context.c. A local user can execute arbitrary code.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

50) NULL pointer dereference

EUVDB-ID: #VU90567

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-48663

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the gpio_mockup_init() function in drivers/gpio/gpio-mockup.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

51) Resource management error

EUVDB-ID: #VU93644

Risk: Low

CVSSv3.1: 2.9 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-48667

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to corrupt data.

The vulnerability exists due to improper management of internal resources within the smb3_insert_range() function in fs/cifs/smb2ops.c. A local user can corrupt data.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

52) Resource management error

EUVDB-ID: #VU93645

Risk: Low

CVSSv3.1: 2.9 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-48668

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to corrupt data.

The vulnerability exists due to improper management of internal resources within the smb3_collapse_range() function in fs/cifs/smb2ops.c. A local user can corrupt data.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

53) Improper locking

EUVDB-ID: #VU90810

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-0160

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the __sock_map_delete() and sock_hash_delete_elem() functions in net/core/sock_map.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

54) Out-of-bounds read

EUVDB-ID: #VU88821

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52476

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition within the branch_type() and get_branch_type() functions in arch/x86/events/utils.c. A local user can trigger an out-of-bounds read error and crash the kernel.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

55) Memory leak

EUVDB-ID: #VU91657

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52500

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the mpi_set_controller_config_resp() function in drivers/scsi/pm8001/pm80xx_hwi.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

56) Improper locking

EUVDB-ID: #VU91539

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52590

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the ocfs2_rename() function in fs/ocfs2/namei.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

57) Improper locking

EUVDB-ID: #VU91538

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52591

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the reiserfs_rename() function in fs/reiserfs/namei.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

58) NULL pointer dereference

EUVDB-ID: #VU90841

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52607

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the pgtable_cache_add() function in arch/powerpc/mm/init-common.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

59) Improper Initialization

EUVDB-ID: #VU91556

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52616

CWE-ID: CWE-665 - Improper Initialization

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper initialization within the mpi_ec_init() function in lib/mpi/ec.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

60) Stack-based buffer overflow

EUVDB-ID: #VU87901

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52628

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the nft_exthdr_sctp_eval(), nft_exthdr_tcp_eval(), and nft_exthdr_ipv6_eval() functions. A local user can pass specially crafted data to the system, trigger a stack-based buffer overflow and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

61) Use-after-free

EUVDB-ID: #VU91599

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-6270

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the aoecmd_cfg_pkts() function in the ATA over Ethernet (AoE) driver. A local user can trigger a use-after-free error and escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

62) NULL pointer dereference

EUVDB-ID: #VU85422

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-7042

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() function in drivers/net/wireless/ath/ath10k/wmi-tlv.c. A local user can pass specially crafted data to the driver and perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

63) Memory leak

EUVDB-ID: #VU86248

Risk: Low

CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-7192

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform DoS attack on the target system.

The vulnerability exists due memory leak within the ctnetlink_create_conntrack() function in net/netfilter/nf_conntrack_netlink.c. A local user with CAP_NET_ADMIN privileges can perform denial of service attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

64) NULL pointer dereference

EUVDB-ID: #VU89389

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-0841

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the hugetlbfs_fill_super() function in the Linux kernel hugetlbfs (HugeTLB pages) functionality. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

65) NULL pointer dereference

EUVDB-ID: #VU87192

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-22099

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the rfcomm_check_security() function in /net/bluetooth/rfcomm/core.c. A local user can pass specially crafted data to the application and perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

66) Integer overflow

EUVDB-ID: #VU88102

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-23307

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to integer overflow in raid5_cache_count() function. A local user can trigger an integer overflow and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

67) Use-after-free

EUVDB-ID: #VU91600

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-23848

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the cec_queue_msg_fh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

68) Reachable Assertion

EUVDB-ID: #VU87594

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-23850

CWE-ID: CWE-617 - Reachable Assertion

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a reachable assertion within the btrfs_get_root_ref() function in fs/btrfs/disk-io.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

69) Code Injection

EUVDB-ID: #VU89087

Risk: Low

CVSSv3.1: 4 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-25742

CWE-ID: CWE-94 - Improper Control of Generation of Code ('Code Injection')

Exploit availability: No

Description

The vulnerability allows a malicious hypervisor to escalate privileges on the system.

The vulnerability exists due to improper input validation when handling interrupts. A malicious hypervisor can inject interrupt 0x80, which is used by Linux for legacy 32-bit system calls, and arbitrarily change the value stored in EAX while a SEV VM is running.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

70) Improper locking

EUVDB-ID: #VU93770

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26601

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the ext4_mb_generate_buddy() and mb_free_blocks() functions in fs/ext4/mballoc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

71) Buffer overflow

EUVDB-ID: #VU89679

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26610

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the iwl_dbg_tlv_override_trig_node() function in drivers/net/wireless/intel/iwlwifi/iwl-dbg-tlv.c. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

72) Resource management error

EUVDB-ID: #VU91320

Risk: Medium

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26614

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources within the reqsk_queue_alloc() function in net/core/request_sock.c. A remote attacker can send specially crafted ACK packets to the system and perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

73) Improper access control

EUVDB-ID: #VU88150

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26642

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper access restrictions within the nf_tables_newset() function in net/netfilter/nf_tables_api.c. A local user can set arbitrary timeouts, which can result in a denial of service condition.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

74) Improper locking

EUVDB-ID: #VU92043

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26687

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the shutdown_pirq() and __unbind_from_irq() functions in drivers/xen/events/events_base.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

75) NULL pointer dereference

EUVDB-ID: #VU90603

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26688

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the hugetlbfs_parse_param() function in fs/hugetlbfs/inode.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

76) Use-after-free

EUVDB-ID: #VU90220

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26689

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the __prep_cap() and __send_cap() functions in fs/ceph/caps.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

77) Double free

EUVDB-ID: #VU90929

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26704

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the ext4_move_extents() function in fs/ext4/move_extent.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

78) Reachable assertion

EUVDB-ID: #VU90911

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26727

CWE-ID: CWE-617 - Reachable Assertion

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to reachable assertion within the btrfs_get_root_ref() function in fs/btrfs/disk-io.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

79) Buffer overflow

EUVDB-ID: #VU92952

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26733

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the arp_req_get() function in net/ipv4/arp.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

80) Use-after-free

EUVDB-ID: #VU90214

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26739

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the tcf_mirred_to_dev() function in net/sched/act_mirred.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

81) Resource management error

EUVDB-ID: #VU93844

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26764

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the kiocb_set_cancel_fn() and aio_prep_rw() functions in fs/aio.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

82) Off-by-one

EUVDB-ID: #VU89678

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26766

CWE-ID: CWE-193 - Off-by-one Error

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to an off-by-one error within the _pad_sdma_tx_descs() function in drivers/infiniband/hw/hfi1/sdma.c. A local user can trigger an off-by-one error and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

83) Improper locking

EUVDB-ID: #VU93787

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26773

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the ext4_mb_try_best_found() function in fs/ext4/mballoc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

84) Double free

EUVDB-ID: #VU90897

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26792

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the create_pending_snapshot() function in fs/btrfs/transaction.c, within the create_subvol() function in fs/btrfs/ioctl.c, within the btrfs_free_fs_info(), btrfs_init_fs_root(), btrfs_put_root() and btrfs_get_fs_root() functions in fs/btrfs/disk-io.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

85) Memory leak

EUVDB-ID: #VU91650

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26816

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the print_absolute_relocs() function in arch/x86/tools/relocs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

86) Use-after-free

EUVDB-ID: #VU90197

Risk: Low

CVSSv3.1: 6.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26898

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the tx() function in drivers/block/aoe/aoenet.c, within the aoecmd_cfg_pkts() function in drivers/block/aoe/aoecmd.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

87) NULL pointer dereference

EUVDB-ID: #VU92070

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26903

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the rfcomm_process_rx() function in net/bluetooth/rfcomm/core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

88) Use-after-free

EUVDB-ID: #VU90178

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27043

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the dvb_register_device() function in drivers/media/dvb-core/dvbdev.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

89) Resource management error

EUVDB-ID: #VU91608

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27389

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources within the pstore_put_backend_records() function in fs/pstore/inode.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server 15 SP4 LTSS: 15-SP4

SUSE Linux Enterprise High Performance Computing LTSS 15: SP4

SUSE Linux Enterprise High Performance Computing ESPOS 15: SP4

SUSE Linux Enterprise Desktop 15 SP4 LTSS: 15-SP4

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Live Patching: 15-SP4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

cluster-md-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-extra: before 5.14.21-150400.24.119.1

dtb-allwinner: before 5.14.21-150400.24.119.1

kernel-64kb-optional: before 5.14.21-150400.24.119.1

kernel-64kb-optional-debuginfo: before 5.14.21-150400.24.119.1

dtb-sprd: before 5.14.21-150400.24.119.1

dtb-qcom: before 5.14.21-150400.24.119.1

dtb-apple: before 5.14.21-150400.24.119.1

dtb-cavium: before 5.14.21-150400.24.119.1

kernel-64kb-extra-debuginfo: before 5.14.21-150400.24.119.1

dtb-exynos: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-amd: before 5.14.21-150400.24.119.1

dtb-broadcom: before 5.14.21-150400.24.119.1

dtb-hisilicon: before 5.14.21-150400.24.119.1

dtb-amlogic: before 5.14.21-150400.24.119.1

cluster-md-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-xilinx: before 5.14.21-150400.24.119.1

dtb-socionext: before 5.14.21-150400.24.119.1

dtb-lg: before 5.14.21-150400.24.119.1

dtb-altera: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-renesas: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dlm-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-marvell: before 5.14.21-150400.24.119.1

dtb-arm: before 5.14.21-150400.24.119.1

reiserfs-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-amazon: before 5.14.21-150400.24.119.1

dtb-mediatek: before 5.14.21-150400.24.119.1

kernel-64kb-livepatch-devel: before 5.14.21-150400.24.119.1

ocfs2-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-apm: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb-debuginfo: before 5.14.21-150400.24.119.1

dtb-freescale: before 5.14.21-150400.24.119.1

kselftests-kmp-64kb: before 5.14.21-150400.24.119.1

dtb-rockchip: before 5.14.21-150400.24.119.1

dtb-nvidia: before 5.14.21-150400.24.119.1

dtb-aarch64: before 5.14.21-150400.24.119.1

kernel-kvmsmall: before 5.14.21-150400.24.119.1

kselftests-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kselftests-kmp-default: before 5.14.21-150400.24.119.1

kernel-default-optional: before 5.14.21-150400.24.119.1

kernel-default-optional-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-qa: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-base-rebuild: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-kvmsmall-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel: before 5.14.21-150400.24.119.1

kernel-kvmsmall-debugsource: before 5.14.21-150400.24.119.1

kernel-kvmsmall-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug-devel: before 5.14.21-150400.24.119.1

kernel-debug-debugsource: before 5.14.21-150400.24.119.1

kernel-debug-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-debug-debuginfo: before 5.14.21-150400.24.119.1

kernel-debug: before 5.14.21-150400.24.119.1

kernel-docs-html: before 5.14.21-150400.24.119.1

kernel-source-vanilla: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debuginfo: before 5.14.21-150400.24.119.1

kernel-zfcpdump-debugsource: before 5.14.21-150400.24.119.1

kernel-zfcpdump: before 5.14.21-150400.24.119.1

kernel-default-extra-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-extra: before 5.14.21-150400.24.119.1

kernel-docs: before 5.14.21-150400.24.119.1

kernel-source: before 5.14.21-150400.24.119.1

kernel-macros: before 5.14.21-150400.24.119.1

kernel-devel: before 5.14.21-150400.24.119.1

kernel-obs-build-debugsource: before 5.14.21-150400.24.119.1

reiserfs-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-obs-build: before 5.14.21-150400.24.119.1

kernel-default-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-devel: before 5.14.21-150400.24.119.1

reiserfs-kmp-default: before 5.14.21-150400.24.119.1

kernel-syms: before 5.14.21-150400.24.119.1

kernel-64kb-debugsource: before 5.14.21-150400.24.119.1

kernel-64kb-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel-debuginfo: before 5.14.21-150400.24.119.1

kernel-64kb-devel: before 5.14.21-150400.24.119.1

kernel-64kb: before 5.14.21-150400.24.119.1

dlm-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default: before 5.14.21-150400.24.119.1

dlm-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

ocfs2-kmp-default: before 5.14.21-150400.24.119.1

cluster-md-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

gfs2-kmp-default: before 5.14.21-150400.24.119.1

ocfs2-kmp-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default-debuginfo: before 1-150400.9.3.1

kernel-default-livepatch: before 5.14.21-150400.24.119.1

kernel-livepatch-5_14_21-150400_24_119-default: before 1-150400.9.3.1

kernel-livepatch-SLE15-SP4_Update_26-debugsource: before 1-150400.9.3.1

kernel-default-livepatch-devel: before 5.14.21-150400.24.119.1

kernel-default-debuginfo: before 5.14.21-150400.24.119.1

kernel-default-debugsource: before 5.14.21-150400.24.119.1

kernel-default-base: before 5.14.21-150400.24.119.1.150400.24.56.1

kernel-default: before 5.14.21-150400.24.119.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241641-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###