SUSE update for the Linux Kernel



| Updated: 2024-08-05
Risk Critical
Patch available YES
Number of vulnerabilities 249
CVE-ID CVE-2021-4439
CVE-2021-47089
CVE-2021-47432
CVE-2021-47515
CVE-2021-47534
CVE-2021-47538
CVE-2021-47539
CVE-2021-47555
CVE-2021-47566
CVE-2021-47571
CVE-2021-47572
CVE-2021-47576
CVE-2021-47577
CVE-2021-47578
CVE-2021-47580
CVE-2021-47582
CVE-2021-47583
CVE-2021-47584
CVE-2021-47585
CVE-2021-47586
CVE-2021-47587
CVE-2021-47589
CVE-2021-47592
CVE-2021-47595
CVE-2021-47596
CVE-2021-47597
CVE-2021-47600
CVE-2021-47601
CVE-2021-47602
CVE-2021-47603
CVE-2021-47604
CVE-2021-47605
CVE-2021-47607
CVE-2021-47608
CVE-2021-47609
CVE-2021-47610
CVE-2021-47611
CVE-2021-47612
CVE-2021-47614
CVE-2021-47615
CVE-2021-47616
CVE-2021-47617
CVE-2021-47618
CVE-2021-47619
CVE-2021-47620
CVE-2022-48711
CVE-2022-48712
CVE-2022-48713
CVE-2022-48714
CVE-2022-48715
CVE-2022-48716
CVE-2022-48717
CVE-2022-48718
CVE-2022-48720
CVE-2022-48721
CVE-2022-48722
CVE-2022-48723
CVE-2022-48724
CVE-2022-48725
CVE-2022-48726
CVE-2022-48727
CVE-2022-48728
CVE-2022-48729
CVE-2022-48730
CVE-2022-48732
CVE-2022-48733
CVE-2022-48734
CVE-2022-48735
CVE-2022-48736
CVE-2022-48737
CVE-2022-48738
CVE-2022-48739
CVE-2022-48740
CVE-2022-48743
CVE-2022-48744
CVE-2022-48745
CVE-2022-48746
CVE-2022-48747
CVE-2022-48748
CVE-2022-48749
CVE-2022-48751
CVE-2022-48752
CVE-2022-48753
CVE-2022-48754
CVE-2022-48755
CVE-2022-48756
CVE-2022-48758
CVE-2022-48759
CVE-2022-48760
CVE-2022-48761
CVE-2022-48763
CVE-2022-48765
CVE-2022-48766
CVE-2022-48767
CVE-2022-48768
CVE-2022-48769
CVE-2022-48770
CVE-2022-48771
CVE-2022-48772
CVE-2023-24023
CVE-2023-52622
CVE-2023-52658
CVE-2023-52667
CVE-2023-52670
CVE-2023-52672
CVE-2023-52675
CVE-2023-52735
CVE-2023-52737
CVE-2023-52752
CVE-2023-52766
CVE-2023-52784
CVE-2023-52787
CVE-2023-52800
CVE-2023-52835
CVE-2023-52837
CVE-2023-52843
CVE-2023-52845
CVE-2023-52846
CVE-2023-52869
CVE-2023-52881
CVE-2023-52882
CVE-2023-52884
CVE-2024-26625
CVE-2024-26644
CVE-2024-26720
CVE-2024-26842
CVE-2024-26845
CVE-2024-26923
CVE-2024-26973
CVE-2024-27432
CVE-2024-33619
CVE-2024-35247
CVE-2024-35789
CVE-2024-35790
CVE-2024-35807
CVE-2024-35814
CVE-2024-35835
CVE-2024-35848
CVE-2024-35857
CVE-2024-35861
CVE-2024-35862
CVE-2024-35864
CVE-2024-35869
CVE-2024-35878
CVE-2024-35884
CVE-2024-35886
CVE-2024-35896
CVE-2024-35898
CVE-2024-35900
CVE-2024-35905
CVE-2024-35925
CVE-2024-35950
CVE-2024-35956
CVE-2024-35958
CVE-2024-35960
CVE-2024-35962
CVE-2024-35997
CVE-2024-36005
CVE-2024-36008
CVE-2024-36017
CVE-2024-36020
CVE-2024-36021
CVE-2024-36025
CVE-2024-36477
CVE-2024-36478
CVE-2024-36479
CVE-2024-36890
CVE-2024-36894
CVE-2024-36899
CVE-2024-36900
CVE-2024-36904
CVE-2024-36915
CVE-2024-36916
CVE-2024-36917
CVE-2024-36919
CVE-2024-36934
CVE-2024-36937
CVE-2024-36940
CVE-2024-36945
CVE-2024-36949
CVE-2024-36960
CVE-2024-36964
CVE-2024-36965
CVE-2024-36967
CVE-2024-36969
CVE-2024-36971
CVE-2024-36975
CVE-2024-36978
CVE-2024-37021
CVE-2024-37078
CVE-2024-37354
CVE-2024-38381
CVE-2024-38388
CVE-2024-38390
CVE-2024-38540
CVE-2024-38541
CVE-2024-38544
CVE-2024-38545
CVE-2024-38546
CVE-2024-38547
CVE-2024-38548
CVE-2024-38549
CVE-2024-38550
CVE-2024-38552
CVE-2024-38553
CVE-2024-38555
CVE-2024-38556
CVE-2024-38557
CVE-2024-38559
CVE-2024-38560
CVE-2024-38564
CVE-2024-38565
CVE-2024-38567
CVE-2024-38568
CVE-2024-38571
CVE-2024-38573
CVE-2024-38578
CVE-2024-38579
CVE-2024-38580
CVE-2024-38581
CVE-2024-38582
CVE-2024-38583
CVE-2024-38587
CVE-2024-38590
CVE-2024-38591
CVE-2024-38594
CVE-2024-38597
CVE-2024-38599
CVE-2024-38600
CVE-2024-38601
CVE-2024-38603
CVE-2024-38605
CVE-2024-38608
CVE-2024-38616
CVE-2024-38618
CVE-2024-38619
CVE-2024-38621
CVE-2024-38627
CVE-2024-38630
CVE-2024-38633
CVE-2024-38634
CVE-2024-38635
CVE-2024-38659
CVE-2024-38661
CVE-2024-38780
CVE-2024-39301
CVE-2024-39468
CVE-2024-39469
CVE-2024-39471
CWE-ID CWE-125
CWE-401
CWE-190
CWE-476
CWE-200
CWE-119
CWE-416
CWE-399
CWE-908
CWE-369
CWE-667
CWE-20
CWE-835
CWE-388
CWE-193
CWE-191
CWE-362
CWE-347
CWE-415
CWE-451
CWE-366
CWE-682
CWE-665
CWE-269
CWE-264
Exploitation vector Network
Public exploit Public exploit code for vulnerability #100 is available.
Vulnerability #186 is being exploited in the wild.
Vulnerable software
 SUSE Linux Enterprise Micro
Operating systems & Components / Operating system

SUSE Real Time Module
Operating systems & Components / Operating system

SUSE Linux Enterprise Live Patching
Operating systems & Components / Operating system

SUSE Linux Enterprise Server for SAP Applications 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Server 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Real Time 15
Operating systems & Components / Operating system

SUSE Linux Enterprise High Performance Computing 15
Operating systems & Components / Operating system

openSUSE Leap
Operating systems & Components / Operating system

kernel-rt_debug
Operating systems & Components / Operating system package or component

kernel-rt
Operating systems & Components / Operating system package or component

gfs2-kmp-rt
Operating systems & Components / Operating system package or component

cluster-md-kmp-rt-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt-devel
Operating systems & Components / Operating system package or component

kernel-rt-extra
Operating systems & Components / Operating system package or component

kernel-rt-livepatch-devel
Operating systems & Components / Operating system package or component

kernel-rt_debug-debuginfo
Operating systems & Components / Operating system package or component

ocfs2-kmp-rt
Operating systems & Components / Operating system package or component

kernel-rt_debug-livepatch-devel
Operating systems & Components / Operating system package or component

kernel-rt_debug-debugsource
Operating systems & Components / Operating system package or component

kernel-rt-debugsource
Operating systems & Components / Operating system package or component

kernel-rt-vdso-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt-vdso
Operating systems & Components / Operating system package or component

kernel-rt-extra-debuginfo
Operating systems & Components / Operating system package or component

gfs2-kmp-rt-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt-livepatch
Operating systems & Components / Operating system package or component

kselftests-kmp-rt
Operating systems & Components / Operating system package or component

ocfs2-kmp-rt-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt_debug-devel
Operating systems & Components / Operating system package or component

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource
Operating systems & Components / Operating system package or component

kernel-rt_debug-vdso-debuginfo
Operating systems & Components / Operating system package or component

reiserfs-kmp-rt
Operating systems & Components / Operating system package or component

kernel-rt-optional
Operating systems & Components / Operating system package or component

kernel-rt-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt-optional-debuginfo
Operating systems & Components / Operating system package or component

dlm-kmp-rt
Operating systems & Components / Operating system package or component

dlm-kmp-rt-debuginfo
Operating systems & Components / Operating system package or component

kernel-syms-rt
Operating systems & Components / Operating system package or component

kernel-rt_debug-vdso
Operating systems & Components / Operating system package or component

kernel-rt-devel-debuginfo
Operating systems & Components / Operating system package or component

kernel-rt_debug-devel-debuginfo
Operating systems & Components / Operating system package or component

cluster-md-kmp-rt
Operating systems & Components / Operating system package or component

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo
Operating systems & Components / Operating system package or component

reiserfs-kmp-rt-debuginfo
Operating systems & Components / Operating system package or component

kselftests-kmp-rt-debuginfo
Operating systems & Components / Operating system package or component

kernel-livepatch-5_14_21-150500_13_61-rt
Operating systems & Components / Operating system package or component

kernel-source-rt
Operating systems & Components / Operating system package or component

kernel-devel-rt
Operating systems & Components / Operating system package or component

Vendor SUSE

Security Bulletin

This security bulletin contains information about 249 vulnerabilities.

1) Out-of-bounds read

EUVDB-ID: #VU92900

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-4439

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the detach_capi_ctr() function in drivers/isdn/capi/kcapi.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Memory leak

EUVDB-ID: #VU90020

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47089

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the kfence_debugfs_init() function in mm/kfence/core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Integer overflow

EUVDB-ID: #VU91179

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47432

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to integer overflow within the __genradix_iter_peek() function in lib/generic-radix-tree.c. A local user can execute arbitrary code.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) NULL pointer dereference

EUVDB-ID: #VU90391

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47515

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the seg6_do_srh_encap() function in net/ipv6/seg6_iptunnel.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Memory leak

EUVDB-ID: #VU91617

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47534

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the vc4_atomic_commit_tail() function in drivers/gpu/drm/vc4/vc4_kms.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Information disclosure

EUVDB-ID: #VU91325

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47538

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the rxrpc_create_peer(), rxrpc_lookup_peer(), __rxrpc_put_peer() and rxrpc_put_peer_locked() functions in net/rxrpc/peer_object.c. A local user can gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Information disclosure

EUVDB-ID: #VU91328

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47539

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the rxrpc_get_bundle() and rxrpc_look_up_bundle() functions in net/rxrpc/conn_client.c. A local user can gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Memory leak

EUVDB-ID: #VU91616

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47555

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the vlan_dev_init() function in net/8021q/vlan_dev.c, within the register_vlan_dev() function in net/8021q/vlan.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Buffer overflow

EUVDB-ID: #VU93289

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47566

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the read_from_oldmem() function in fs/proc/vmcore.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Use-after-free

EUVDB-ID: #VU91051

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47571

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the _rtl92e_pci_disconnect() function in drivers/staging/rtl8192e/rtl8192e/rtl_core.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) NULL pointer dereference

EUVDB-ID: #VU90402

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47572

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the nh_create_ipv6() function in net/ipv4/nexthop.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Use-after-free

EUVDB-ID: #VU92299

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47576

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the resp_mode_select() function in drivers/scsi/scsi_debug.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Resource management error

EUVDB-ID: #VU93265

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47577

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the io_acct_cancel_pending_work(), io_queue_worker_create(), io_wq_exit_start() and io_wq_exit_workers() functions in fs/io-wq.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) NULL pointer dereference

EUVDB-ID: #VU92340

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47578

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the resp_verify() and resp_report_zones() functions in drivers/scsi/scsi_debug.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Out-of-bounds read

EUVDB-ID: #VU92318

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47580

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the p_fill_from_dev_buffer(), resp_inquiry(), resp_requests(), resp_mode_sense(), resp_ie_l_pg(), resp_log_sense() and resp_report_zones() functions in drivers/scsi/scsi_debug.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Resource management error

EUVDB-ID: #VU93277

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47582

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the usbdev_release(), do_proc_control() and do_proc_bulk() functions in drivers/usb/core/devio.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Use of uninitialized resource

EUVDB-ID: #VU92933

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47583

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the mxl111sf_init() and mxl111sf_get_stream_config_dvbt() functions in drivers/media/usb/dvb-usb-v2/mxl111sf.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Division by zero

EUVDB-ID: #VU92379

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47584

CWE-ID: CWE-369 - Divide By Zero

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a division by zero error within the ioc_timer_fn() function in block/blk-iocost.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Memory leak

EUVDB-ID: #VU92290

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47585

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the fs/btrfs/tree-log.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Out-of-bounds read

EUVDB-ID: #VU92315

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47586

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the rk_gmac_setup() function in drivers/net/ethernet/stmicro/stmmac/dwmac-rk.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Improper locking

EUVDB-ID: #VU92353

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47587

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the tdma_port_write_desc_addr() and bcm_sysport_open() functions in drivers/net/ethernet/broadcom/bcmsysport.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Use-after-free

EUVDB-ID: #VU92300

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47589

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the igbvf_probe() function in drivers/net/ethernet/intel/igbvf/netdev.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) NULL pointer dereference

EUVDB-ID: #VU92334

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47592

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the tc_setup_cls_u32(), tc_init(), tc_del_flow() and tc_add_vlan_flow() functions in drivers/net/ethernet/stmicro/stmmac/stmmac_tc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Buffer overflow

EUVDB-ID: #VU93133

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47595

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the ets_qdisc_change() function in net/sched/sch_ets.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) Use-after-free

EUVDB-ID: #VU92301

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47596

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the hclgevf_send_mbx_msg() function in drivers/net/ethernet/hisilicon/hns3/hns3vf/hclgevf_mbx.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) Use of uninitialized resource

EUVDB-ID: #VU92934

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47597

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the inet_sk_diag_fill() function in net/ipv4/inet_diag.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) Use-after-free

EUVDB-ID: #VU92303

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47600

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the rebalance_children() function in drivers/md/persistent-data/dm-btree-remove.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

28) NULL pointer dereference

EUVDB-ID: #VU92337

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47601

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the copy_ta_binary() function in drivers/tee/amdtee/core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

29) Use of uninitialized resource

EUVDB-ID: #VU92372

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47602

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the ieee80211_sta_tx_wmm_ac_notify() function in net/mac80211/mlme.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

30) Improper locking

EUVDB-ID: #VU92355

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47603

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the kauditd_send_queue() and audit_net_init() functions in kernel/audit.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

31) Out-of-bounds read

EUVDB-ID: #VU92316

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47604

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the vduse_vdpa_get_config() function in drivers/vdpa/vdpa_user/vduse_dev.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

32) Out-of-bounds read

EUVDB-ID: #VU92317

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47605

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the vduse_dev_ioctl() function in drivers/vdpa/vdpa_user/vduse_dev.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

33) Memory leak

EUVDB-ID: #VU92291

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47607

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the check_atomic() function in kernel/bpf/verifier.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

34) Memory leak

EUVDB-ID: #VU92292

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47608

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the check_atomic() function in kernel/bpf/verifier.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

35) Buffer overflow

EUVDB-ID: #VU93303

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47609

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the scpi_pm_domain_probe() function in drivers/firmware/scpi_pm_domain.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

36) NULL pointer dereference

EUVDB-ID: #VU92338

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47610

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the msm_ioctl_gem_submit() function in drivers/gpu/drm/msm/msm_gem_submit.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

37) Input validation error

EUVDB-ID: #VU93309

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47611

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the ieee802_11_parse_elems_crc() function in net/mac80211/util.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

38) NULL pointer dereference

EUVDB-ID: #VU92339

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47612

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the nfc_genl_dump_devices_done() function in net/nfc/netlink.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

39) Use-after-free

EUVDB-ID: #VU92993

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47614

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the add_pble_prm() function in drivers/infiniband/hw/irdma/pble.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

40) Improper locking

EUVDB-ID: #VU92357

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47615

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the mlx5_ib_dereg_mr(), mlx5_ib_alloc_pi_mr() and __mlx5_ib_alloc_mr() functions in drivers/infiniband/hw/mlx5/mr.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

41) Use-after-free

EUVDB-ID: #VU92304

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47616

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the rxe_qp_from_init() function in drivers/infiniband/sw/rxe/rxe_qp.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

42) Infinite loop

EUVDB-ID: #VU92929

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47617

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop within the pciehp_ist() function in drivers/pci/hotplug/pciehp_hpc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

43) NULL pointer dereference

EUVDB-ID: #VU92918

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47618

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the obj-$() function in arch/arm/probes/kprobes/Makefile. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

44) NULL pointer dereference

EUVDB-ID: #VU92919

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47619

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the i40e_get_lump() function in drivers/net/ethernet/intel/i40e/i40e_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

45) Out-of-bounds read

EUVDB-ID: #VU92905

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47620

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the hci_le_adv_report_evt() function in net/bluetooth/hci_event.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

46) Input validation error

EUVDB-ID: #VU92925

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48711

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the tipc_mon_rcv() function in net/tipc/monitor.c, within the tipc_link_proto_rcv() function in net/tipc/link.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

47) Improper error handling

EUVDB-ID: #VU92926

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48712

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the ext4_fc_record_modified_inode(), ext4_fc_replay_inode(), ext4_fc_replay_add_range(), ext4_ext_replay_shrink_inode() and ext4_fc_replay_del_range() functions in fs/ext4/fast_commit.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

48) NULL pointer dereference

EUVDB-ID: #VU92920

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48713

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the pt_handle_status() function in arch/x86/events/intel/pt.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

49) Out-of-bounds read

EUVDB-ID: #VU92906

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48714

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the bpf_ringbuf_area_alloc() function in kernel/bpf/ringbuf.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

50) Resource management error

EUVDB-ID: #VU93180

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48715

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the bnx2fc_l2_rcv_thread() and bnx2fc_recv_frame() functions in drivers/scsi/bnx2fc/bnx2fc_fcoe.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

51) Buffer overflow

EUVDB-ID: #VU93249

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48716

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the wcd938x_sdw_connect_port(), wcd938x_set_compander(), wcd938x_get_swr_port() and wcd938x_set_swr_port() functions in sound/soc/codecs/wcd938x.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

52) Out-of-bounds read

EUVDB-ID: #VU92907

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48717

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the speaker_gain_control_put() function in sound/soc/codecs/max9759.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

53) NULL pointer dereference

EUVDB-ID: #VU92921

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48718

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the mxsfb_crtc_atomic_enable() function in drivers/gpu/drm/mxsfb/mxsfb_kms.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

54) Memory leak

EUVDB-ID: #VU92891

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48720

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the macsec_common_dellink() and macsec_dellink() functions in drivers/net/macsec.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

55) Improper locking

EUVDB-ID: #VU92924

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48721

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the smc_stat_fallback(), smc_switch_to_fallback() and smc_clcsock_data_ready() functions in net/smc/af_smc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

56) Memory leak

EUVDB-ID: #VU92892

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48722

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the ca8210_async_xmit_complete() function in drivers/net/ieee802154/ca8210.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

57) Memory leak

EUVDB-ID: #VU92893

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48723

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the uniphier_spi_probe() function in drivers/spi/spi-uniphier.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

58) Memory leak

EUVDB-ID: #VU92880

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48724

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the intel_setup_irq_remapping() function in drivers/iommu/intel_irq_remapping.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

59) Memory leak

EUVDB-ID: #VU92881

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48725

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the siw_create_qp() function in drivers/infiniband/sw/siw/siw_verbs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

60) Use-after-free

EUVDB-ID: #VU92894

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48726

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ucma_alloc_ctx(), ucma_cleanup_multicast(), ucma_process_join(), mutex_unlock() and ucma_leave_multicast() functions in drivers/infiniband/core/ucma.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

61) Improper error handling

EUVDB-ID: #VU92939

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48727

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the arch/arm64/kvm/hyp/include/hyp/switch.h. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

62) NULL pointer dereference

EUVDB-ID: #VU92908

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48728

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the hfi1_ipoib_netdev_dtor() and hfi1_ipoib_setup_rn() functions in drivers/infiniband/hw/hfi1/ipoib_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

63) Resource management error

EUVDB-ID: #VU92958

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48729

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the hfi1_ipoib_txreq_init() function in drivers/infiniband/hw/hfi1/ipoib_tx.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

64) Memory leak

EUVDB-ID: #VU92882

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48730

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the dma_heap_ioctl() function in drivers/dma-buf/dma-heap.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

65) Off-by-one

EUVDB-ID: #VU92927

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48732

CWE-ID: CWE-193 - Off-by-one Error

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an off-by-one error within the nvbios_addr() function in drivers/gpu/drm/nouveau/nvkm/subdev/bios/base.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

66) Use-after-free

EUVDB-ID: #VU92895

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48733

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the btrfs_wait_delalloc_flush() and btrfs_commit_transaction() functions in fs/btrfs/transaction.c, within the create_snapshot() function in fs/btrfs/ioctl.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

67) Improper locking

EUVDB-ID: #VU92922

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48734

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the btrfs_quota_disable() and qgroup_rescan_init() functions in fs/btrfs/qgroup.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

68) Use-after-free

EUVDB-ID: #VU92896

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48735

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the snd_hda_gen_spec_free() and create_mute_led_cdev() functions in sound/pci/hda/hda_generic.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

69) Out-of-bounds read

EUVDB-ID: #VU92901

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48736

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the snd_soc_put_xr_sx() function in sound/soc/soc-ops.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

70) Out-of-bounds read

EUVDB-ID: #VU92902

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48737

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the snd_soc_put_volsw_sx() function in sound/soc/soc-ops.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

71) Out-of-bounds read

EUVDB-ID: #VU92903

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48738

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the snd_soc_put_volsw() function in sound/soc/soc-ops.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

72) Out-of-bounds read

EUVDB-ID: #VU92904

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48739

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the include/uapi/sound/asound.h, sound/soc/codecs/hdmi-codec.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

73) NULL pointer dereference

EUVDB-ID: #VU92909

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48740

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the cond_list_destroy() and cond_read_list() functions in security/selinux/ss/conditional.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

74) Integer underflow

EUVDB-ID: #VU92928

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48743

CWE-ID: CWE-191 - Integer underflow

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to integer underflow within the xgbe_rx_buf2_len() function in drivers/net/ethernet/amd/xgbe/xgbe-drv.c. A local user can execute arbitrary code.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

75) Buffer overflow

EUVDB-ID: #VU92950

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48744

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the mlx5e_xmit_xdp_frame() function in drivers/net/ethernet/mellanox/mlx5/core/en/xdp.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

76) Race condition

EUVDB-ID: #VU92930

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48745

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the mlx5_stop_sync_reset_poll() function in drivers/net/ethernet/mellanox/mlx5/core/fw_reset.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

77) NULL pointer dereference

EUVDB-ID: #VU92911

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48746

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the mlx5e_rep_bond_unslave(), mlx5e_rep_changelowerstate_event(), mlx5e_rep_changeupper_event() and mlx5e_rep_esw_bond_netevent() functions in drivers/net/ethernet/mellanox/mlx5/core/en/rep/bond.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

78) Use of uninitialized resource

EUVDB-ID: #VU92932

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48747

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the bio_truncate() function in block/bio.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

79) Memory leak

EUVDB-ID: #VU92884

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48748

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the __allowed_ingress() function in net/bridge/br_vlan.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

80) NULL pointer dereference

EUVDB-ID: #VU92912

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48749

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the dpu_setup_dspp_pcc() function in drivers/gpu/drm/msm/disp/dpu1/dpu_hw_dspp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

81) NULL pointer dereference

EUVDB-ID: #VU92914

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48751

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the smc_stat_fallback(), smc_switch_to_fallback(), smc_listen_decline(), smc_listen_work(), smc_sendmsg(), smc_setsockopt() and smc_getsockopt() functions in net/smc/af_smc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

82) Resource management error

EUVDB-ID: #VU92959

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48752

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the power_pmu_disable() function in arch/powerpc/perf/core-book3s.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

83) Memory leak

EUVDB-ID: #VU92885

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48753

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the disk_register_independent_access_ranges() function in block/blk-ia-ranges.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

84) Use-after-free

EUVDB-ID: #VU92898

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48754

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the phy_detach() function in drivers/net/phy/phy_device.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

85) Resource management error

EUVDB-ID: #VU92978

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48755

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the EMIT() function in arch/powerpc/net/bpf_jit_comp64.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

86) NULL pointer dereference

EUVDB-ID: #VU92915

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48756

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the msm_dsi_phy_driver_unregister() function in drivers/gpu/drm/msm/dsi/phy/dsi_phy.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

87) Resource management error

EUVDB-ID: #VU92960

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48758

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the bnx2fc_bind_pcidev(), bnx2fc_indicate_netevent(), bnx2fc_vport_destroy(), bnx2fc_if_create(), __bnx2fc_destroy(), bnx2fc_destroy_work() and bnx2fc_ulp_exit() functions in drivers/scsi/bnx2fc/bnx2fc_fcoe.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

88) Race condition

EUVDB-ID: #VU92931

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48759

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the rpmsg_ctrldev_release_device(), rpmsg_chrdev_probe() and rpmsg_chrdev_remove() functions in drivers/rpmsg/rpmsg_char.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

89) Buffer overflow

EUVDB-ID: #VU92976

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48760

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the usb_kill_urb() and usb_poison_urb() functions in drivers/usb/core/urb.c, within the __usb_hcd_giveback_urb() function in drivers/usb/core/hcd.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

90) Resource management error

EUVDB-ID: #VU92979

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48761

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the xhci_plat_suspend() function in drivers/usb/host/xhci-plat.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

91) Memory leak

EUVDB-ID: #VU92887

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48763

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the kvm_vcpu_ioctl_x86_set_vcpu_events() function in arch/x86/kvm/x86.c, within the nested_vmx_hardware_setup() function in arch/x86/kvm/vmx/nested.c, within the svm_set_efer() function in arch/x86/kvm/svm/svm.c, within the svm_free_nested() and svm_set_nested_state() functions in arch/x86/kvm/svm/nested.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

92) Resource management error

EUVDB-ID: #VU93276

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48765

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the kvm_apic_set_state() function in arch/x86/kvm/lapic.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

93) Resource management error

EUVDB-ID: #VU93290

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48766

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the dcn301_fpu_init_soc_bounding_box() function in drivers/gpu/drm/amd/display/dc/dml/dcn301/dcn301_fpu.c, within the set_wm_ranges() function in drivers/gpu/drm/amd/display/dc/dcn301/dcn301_resource.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

94) Memory leak

EUVDB-ID: #VU92889

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48767

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the restore_deleg_ino() function in fs/ceph/file.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

95) Memory leak

EUVDB-ID: #VU92890

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48768

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the trace_action_create() function in kernel/trace/trace_events_hist.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

96) Buffer overflow

EUVDB-ID: #VU93248

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48769

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the efi_systab_report_header() function in drivers/firmware/efi/efi.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

97) Resource management error

EUVDB-ID: #VU92980

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48770

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the BPF_CALL_4() function in kernel/bpf/stackmap.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

98) Use-after-free

EUVDB-ID: #VU92899

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48771

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the vmw_kms_helper_buffer_finish() function in drivers/gpu/drm/vmwgfx/vmwgfx_kms.c, within the vmw_fence_event_ioctl() function in drivers/gpu/drm/vmwgfx/vmwgfx_fence.c, within the vmw_execbuf_fence_commands(), vmw_execbuf_copy_fence_user() and vmw_execbuf_process() functions in drivers/gpu/drm/vmwgfx/vmwgfx_execbuf.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

99) NULL pointer dereference

EUVDB-ID: #VU93327

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48772

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the lgdt3306a_probe() function in drivers/media/dvb-frontends/lgdt3306a.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

100) Improper Verification of Cryptographic Signature

EUVDB-ID: #VU83116

Risk: Medium

CVSSv4.0: [CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/U:Green]

CVE-ID: CVE-2023-24023

CWE-ID: CWE-347 - Improper Verification of Cryptographic Signature

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a MitM attack.

The vulnerability exists due to improper verification of cryptographic signature in bluetooth implementation. A remote attacker with physical proximity to the system can perform MitM attack and potentially compromise the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

101) Buffer overflow

EUVDB-ID: #VU93471

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52622

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the alloc_flex_gd() and ext4_setup_next_flex_gd() functions in fs/ext4/resize.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

102) Input validation error

EUVDB-ID: #VU93683

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52658

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the esw_inline_mode_to_devlink() and mlx5_devlink_eswitch_mode_set() functions in drivers/net/ethernet/mellanox/mlx5/core/eswitch_offloads.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

103) Double free

EUVDB-ID: #VU90922

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52667

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the fs_any_create_groups() function in drivers/net/ethernet/mellanox/mlx5/core/en/fs_tt_redirect.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

104) Memory leak

EUVDB-ID: #VU89988

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52670

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the virtio_rpmsg_release_device() function in drivers/rpmsg/virtio_rpmsg_bus.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

105) Improper locking

EUVDB-ID: #VU92024

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52672

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the pipe_resize_ring() and pipe_set_size() functions in fs/pipe.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

106) NULL pointer dereference

EUVDB-ID: #VU90547

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52675

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the update_events_in_group() function in arch/powerpc/perf/imc-pmu.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

107) Memory leak

EUVDB-ID: #VU91621

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52735

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the sock_map_unhash(), sock_map_destroy() and sock_map_close() functions in net/core/sock_map.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

108) Improper locking

EUVDB-ID: #VU90740

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52737

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the extent_fiemap() and unlock_extent() functions in fs/btrfs/extent_io.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

109) Use-after-free

EUVDB-ID: #VU90068

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52752

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the seq_printf() and spin_unlock() functions in fs/smb/client/cifs_debug.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

110) Out-of-bounds read

EUVDB-ID: #VU91086

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52766

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the hci_dma_irq_handler() function in drivers/i3c/master/mipi-i3c-hci/dma.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

111) Improper error handling

EUVDB-ID: #VU93650

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52784

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the bond_setup_by_slave() function in drivers/net/bonding/bond_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

112) Resource management error

EUVDB-ID: #VU92966

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52787

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the blk_mq_get_new_requests(), blk_mq_get_cached_request() and blk_mq_submit_bio() functions in block/blk-mq.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

113) Use-after-free

EUVDB-ID: #VU90071

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52800

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ath11k_htt_pktlog() function in drivers/net/wireless/ath/ath11k/dp_rx.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

114) Out-of-bounds read

EUVDB-ID: #VU91084

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52835

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the rb_alloc_aux() function in kernel/events/ring_buffer.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

115) Use-after-free

EUVDB-ID: #VU90080

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52837

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the nbd_dev_remove(), nbd_release() and IS_ENABLED() functions in drivers/block/nbd.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

116) Use of uninitialized resource

EUVDB-ID: #VU90868

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52843

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the llc_station_ac_send_test_r() function in net/llc/llc_station.c, within the llc_sap_action_send_test_r() function in net/llc/llc_s_ac.c, within the llc_fixup_skb() function in net/llc/llc_input.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

117) Use of uninitialized resource

EUVDB-ID: #VU90867

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52845

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the net/tipc/netlink.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

118) Use-after-free

EUVDB-ID: #VU91055

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52846

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the prp_create_tagged_frame() function in net/hsr/hsr_forward.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

119) NULL pointer dereference

EUVDB-ID: #VU90423

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52869

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the pstore_register() function in fs/pstore/platform.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

120) Spoofing attack

EUVDB-ID: #VU89895

Risk: Medium

CVSSv4.0: [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-52881

CWE-ID: CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to an error within the tcp_ack() function in net/ipv4/tcp_input.c, which can result in system accepting ACK responses for bytes that were never sent. A remote attacker can perform spoofing attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

121) Input validation error

EUVDB-ID: #VU93673

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52882

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the sun50i_h6_ccu_probe() function in drivers/clk/sunxi-ng/ccu-sun50i-h6.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

122) Improper locking

EUVDB-ID: #VU93035

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52884

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the cyapa_suspend() and cyapa_resume() functions in drivers/input/mouse/cyapa.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

123) Use-after-free

EUVDB-ID: #VU87344

Risk: Medium

CVSSv4.0: [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-26625

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error in net/llc/af_llc.c when handling orphan sockets. A remote attacker can send specially crafted packets to the system and perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

124) Improper locking

EUVDB-ID: #VU91535

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26644

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the create_snapshot() function in fs/btrfs/ioctl.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

125) Division by zero

EUVDB-ID: #VU91379

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26720

CWE-ID: CWE-369 - Divide By Zero

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a division by zero error within the wb_dirty_limits() function in mm/page-writeback.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

126) Out-of-bounds read

EUVDB-ID: #VU91097

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26842

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the ufshcd_cmd_inflight() and ufshcd_clear_cmd() functions in drivers/ufs/core/ufshcd.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

127) Improper locking

EUVDB-ID: #VU93388

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26845

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the transport_generic_handle_tmr() function in drivers/target/target_core_transport.c, within the transport_lookup_tmr_lun() and rcu_dereference_raw() functions in drivers/target/target_core_device.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

128) Improper locking

EUVDB-ID: #VU92035

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26923

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to improper locking within the unix_gc() function in net/unix/garbage.c due to garbage collector does not take into account the risk of embryo getting enqueued during the garbage collection. A local user can execute arbitrary code with elevated privileges.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

129) Information disclosure

EUVDB-ID: #VU91360

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26973

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the fat_encode_fh_nostale() function in fs/fat/nfs.c. A local user can gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

130) Resource management error

EUVDB-ID: #VU93774

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-27432

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the mtk_ppe_start() and mtk_ppe_stop() functions in drivers/net/ethernet/mediatek/mtk_ppe.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

131) Use of uninitialized resource

EUVDB-ID: #VU93041

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-33619

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the efi_free() function in drivers/firmware/efi/libstub/fdt.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

132) NULL pointer dereference

EUVDB-ID: #VU93122

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-35247

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the fpga_region_get(), fpga_region_put(), ATTRIBUTE_GROUPS(), fpga_region_register_full(), ERR_PTR() and EXPORT_SYMBOL_GPL() functions in drivers/fpga/fpga-region.c, within the fpga_region_register_full() function in Documentation/driver-api/fpga/fpga-region.rst. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

133) Use-after-free

EUVDB-ID: #VU90167

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-35789

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ieee80211_change_station() function in net/mac80211/cfg.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

134) NULL pointer dereference

EUVDB-ID: #VU90554

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-35790

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the hpd_show(), dp_altmode_probe(), dp_altmode_remove() and module_typec_altmode_driver() functions in drivers/usb/typec/altmodes/displayport.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

135) Resource management error

EUVDB-ID: #VU93270

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-35807

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the EXT4_DESC_PER_BLOCK() function in fs/ext4/resize.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

136) Resource management error

EUVDB-ID: #VU91612

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-35814

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to double allocation of slots within the swiotlb_area_find_slots() function in kernel/dma/swiotlb.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

137) Double free

EUVDB-ID: #VU90923

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-35835

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the arfs_create_groups() function in drivers/net/ethernet/mellanox/mlx5/core/en_arfs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

138) Buffer overflow

EUVDB-ID: #VU91199

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-35848

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the at24_probe() function in drivers/misc/eeprom/at24.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

139) NULL pointer dereference

EUVDB-ID: #VU91235

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-35857

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the icmp_build_probe() function in net/ipv4/icmp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

140) Use-after-free

EUVDB-ID: #VU90150

Risk: Medium

CVSSv4.0: [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-35861

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the cifs_signal_cifsd_for_reconnect() function in fs/smb/client/connect.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

141) Use-after-free

EUVDB-ID: #VU90152

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-35862

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the smb2_is_network_name_deleted() function in fs/smb/client/smb2ops.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

142) Use-after-free

EUVDB-ID: #VU90149

Risk: Medium

CVSSv4.0: [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-35864

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the smb2_is_valid_lease_break() function in fs/smb/client/smb2misc.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

143) Use-after-free

EUVDB-ID: #VU90157

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-35869

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the tcon_info_alloc() and tconInfoFree() functions in fs/smb/client/misc.c, within the dfs_cache_remount_fs() function in fs/smb/client/dfs_cache.c, within the get_session(), __dfs_mount_share() and dfs_mount_share() functions in fs/smb/client/dfs.c, within the match_session(), cifs_get_smb_ses(), cifs_mount_put_conns() and cifs_mount() functions in fs/smb/client/connect.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

144) NULL pointer dereference

EUVDB-ID: #VU90508

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-35878

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the of_modalias() function in drivers/of/module.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

145) Buffer overflow

EUVDB-ID: #VU93150

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-35884

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the udp_gro_receive() function in net/ipv4/udp_offload.c, within the __udp_is_mcast_sock() function in net/ipv4/udp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

146) Infinite loop

EUVDB-ID: #VU91413

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-35886

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop within the inet6_dump_fib() function in net/ipv6/ip6_fib.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

147) Out-of-bounds read

EUVDB-ID: #VU90309

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-35896

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the do_replace() and compat_do_replace() functions in net/ipv6/netfilter/ip6_tables.c, within the do_replace() and compat_do_replace() functions in net/ipv4/netfilter/ip_tables.c, within the do_replace() and compat_do_replace() functions in net/ipv4/netfilter/arp_tables.c, within the do_replace(), update_counters() and compat_update_counters() functions in net/bridge/netfilter/ebtables.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

148) Race condition within a thread

EUVDB-ID: #VU91427

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-35898

CWE-ID: CWE-366 - Race Condition within a Thread

Exploit availability: No

Description

The vulnerability allows a local user to manipulate data.

The vulnerability exists due to a data race within the nf_tables_flowtable_parse_hook() and nft_flowtable_type_get() functions in net/netfilter/nf_tables_api.c. A local user can manipulate data.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

149) Incorrect calculation

EUVDB-ID: #VU93613

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-35900

CWE-ID: CWE-682 - Incorrect Calculation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to incorrect calculation within the nf_tables_addchain() function in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

150) Out-of-bounds read

EUVDB-ID: #VU90307

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-35905

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the check_stack_access_within_bounds() function in kernel/bpf/verifier.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

151) Division by zero

EUVDB-ID: #VU91373

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-35925

CWE-ID: CWE-369 - Divide By Zero

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a division by zero error within the blk_rq_stat_init() function in block/blk-stat.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

152) Use-after-free

EUVDB-ID: #VU92212

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-35950

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the drm_client_modeset_probe() function in drivers/gpu/drm/drm_client_modeset.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

153) Information disclosure

EUVDB-ID: #VU91343

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-35956

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the btrfs_subvolume_reserve_metadata() function in fs/btrfs/root-tree.c, within the create_subvol() and create_snapshot() functions in fs/btrfs/ioctl.c, within the btrfs_delete_subvolume() and btrfs_end_transaction() functions in fs/btrfs/inode.c. A local user can gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

154) Resource management error

EUVDB-ID: #VU93255

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-35958

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the ena_unmap_tx_buff() and ena_free_tx_bufs() functions in drivers/net/ethernet/amazon/ena/ena_netdev.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

155) Improper Initialization

EUVDB-ID: #VU93351

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-35960

CWE-ID: CWE-665 - Improper Initialization

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper initialization within the add_rule_fg() function in drivers/net/ethernet/mellanox/mlx5/core/fs_core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

156) Input validation error

EUVDB-ID: #VU93176

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-35962

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the do_replace() and compat_do_replace() functions in net/ipv6/netfilter/ip6_tables.c, within the do_replace() and compat_do_replace() functions in net/ipv4/netfilter/ip_tables.c, within the do_replace() and compat_do_replace() functions in net/ipv4/netfilter/arp_tables.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

157) Infinite loop

EUVDB-ID: #VU91412

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-35997

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop within the __i2c_hid_command() and i2c_hid_irq() functions in drivers/hid/i2c-hid/i2c-hid-core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

158) Resource management error

EUVDB-ID: #VU93190

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36005

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the nft_netdev_event() function in net/netfilter/nft_chain_filter.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

159) NULL pointer dereference

EUVDB-ID: #VU92068

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36008

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the ip_route_use_hint() function in net/ipv4/route.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

160) Out-of-bounds read

EUVDB-ID: #VU93081

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36017

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the do_setvfinfo() function in net/core/rtnetlink.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

161) Use of uninitialized resource

EUVDB-ID: #VU91675

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36020

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the i40e_reset_all_vfs() function in drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

162) Improper Initialization

EUVDB-ID: #VU91548

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36021

CWE-ID: CWE-665 - Improper Initialization

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper initialization within the hclge_init_ae_dev() and hclge_comm_cmd_uninit() functions in drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

163) Off-by-one

EUVDB-ID: #VU91172

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36025

CWE-ID: CWE-193 - Off-by-one Error

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an off-by-one error within the qla_edif_app_getstats() function in drivers/scsi/qla2xxx/qla_edif.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

164) Out-of-bounds read

EUVDB-ID: #VU93022

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36477

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the tpm_tis_spi_write_bytes() function in drivers/char/tpm/tpm_tis_spi_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

165) NULL pointer dereference

EUVDB-ID: #VU93029

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36478

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the nullb_update_nr_hw_queues(), nullb_device_power_store(), null_add_dev() and null_create_dev() functions in drivers/block/null_blk/main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

166) NULL pointer dereference

EUVDB-ID: #VU93123

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36479

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the fpga_bridge_disable(), of_fpga_bridge_get(), fpga_bridge_dev_match(), fpga_bridge_get(), fpga_bridge_put(), ATTRIBUTE_GROUPS(), fpga_bridge_register() and ERR_PTR() functions in drivers/fpga/fpga-bridge.c, within the fpga_bridge_register() function in Documentation/driver-api/fpga/fpga-bridge.rst. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

167) Resource management error

EUVDB-ID: #VU93391

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36890

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the include/linux/slab.h. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

168) Improper locking

EUVDB-ID: #VU90735

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36894

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the ffs_user_copy_worker() and ffs_epfile_async_io_complete() functions in drivers/usb/gadget/function/f_fs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

169) Use-after-free

EUVDB-ID: #VU90048

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36899

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the gpio_chrdev_release() function in drivers/gpio/gpiolib-cdev.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

170) Improper Initialization

EUVDB-ID: #VU91547

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36900

CWE-ID: CWE-665 - Improper Initialization

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper initialization within the hclgevf_init_hdev() and hclge_comm_cmd_uninit() functions in drivers/net/ethernet/hisilicon/hns3/hns3vf/hclgevf_main.c, within the hclge_init_ae_dev() and pci_free_irq_vectors() functions in drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

171) Use-after-free

EUVDB-ID: #VU90047

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36904

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the tcp_twsk_unique() function in net/ipv4/tcp_ipv4.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

172) Out-of-bounds read

EUVDB-ID: #VU90268

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36915

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the nfc_llcp_setsockopt() function in net/nfc/llcp_sock.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

173) Out-of-bounds read

EUVDB-ID: #VU90273

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36916

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the iocg_kick_delay() function in block/blk-iocost.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

174) Buffer overflow

EUVDB-ID: #VU92094

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36917

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the blk_ioctl_discard() function in block/ioctl.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

175) Improper locking

EUVDB-ID: #VU92010

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36919

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the bnx2fc_free_session_resc() function in drivers/scsi/bnx2fc/bnx2fc_tgt.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

176) Out-of-bounds read

EUVDB-ID: #VU90266

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36934

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the bnad_debugfs_write_regrd() and bnad_debugfs_write_regwr() functions in drivers/net/ethernet/brocade/bna/bnad_debugfs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

177) NULL pointer dereference

EUVDB-ID: #VU90529

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36937

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the __xdp_do_redirect_frame(), EXPORT_SYMBOL_GPL(), xdp_do_generic_redirect_map() and xdp_do_generic_redirect() functions in net/core/filter.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

178) Double Free

EUVDB-ID: #VU90885

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36940

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the pinctrl_enable() function in drivers/pinctrl/core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

179) Information disclosure

EUVDB-ID: #VU91322

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36945

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the smc_ib_find_route() function in net/smc/smc_ib.c. A local user can gain access to sensitive information.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

180) Improper locking

EUVDB-ID: #VU93436

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36949

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the kgd2kfd_suspend() and kgd2kfd_resume() functions in drivers/gpu/drm/amd/amdkfd/kfd_device.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

181) Out-of-bounds read

EUVDB-ID: #VU90819

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36960

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the vmw_event_fence_action_create() function in drivers/gpu/drm/vmwgfx/vmwgfx_fence.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

182) Improper privilege management

EUVDB-ID: #VU93734

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36964

CWE-ID: CWE-269 - Improper Privilege Management

Exploit availability: No

Description

The vulnerability allows a local user to read and manipulate data.

The vulnerability exists due to improperly imposed permissions within the p9mode2perm() function in fs/9p/vfs_inode.c. A local user can read and manipulate data.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

183) Buffer overflow

EUVDB-ID: #VU93307

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36965

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the scp_elf_read_ipi_buf_addr() and scp_ipi_init() functions in drivers/remoteproc/mtk_scp.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

184) Memory leak

EUVDB-ID: #VU91561

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36967

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the tpm2_key_encode() function in security/keys/trusted-keys/trusted_tpm2.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

185) Division by zero

EUVDB-ID: #VU91563

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36969

CWE-ID: CWE-369 - Divide By Zero

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a division by zero error within the setup_dsc_config() function in drivers/gpu/drm/amd/display/dc/dsc/dc_dsc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

186) Use-after-free

EUVDB-ID: #VU91597

Risk: Critical

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Red]

CVE-ID: CVE-2024-36971

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the system.

The vulnerability exists due to a use-after-free error within the xfrm_link_failure() function in net/xfrm/xfrm_policy.c, within the dst_entry ip6_dst_check() and ip6_dst_check() functions in net/ipv6/route.c, within the dst_entry ipv4_dst_check() and ip_do_redirect() functions in net/ipv4/route.c. A remote attacker can send specially crafted packets to the system and execute arbitrary code.

Note, the vulnerability is being actively exploited in the wild.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

187) Race condition

EUVDB-ID: #VU93374

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36975

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a race condition within the tpm2_key_encode() function in security/keys/trusted-keys/trusted_tpm2.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

188) Out-of-bounds read

EUVDB-ID: #VU92332

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36978

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the multiq_tune() function in net/sched/sch_multiq.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

189) NULL pointer dereference

EUVDB-ID: #VU93124

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-37021

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the ATTRIBUTE_GROUPS(), fpga_mgr_dev_match(), EXPORT_SYMBOL_GPL(), fpga_mgr_unlock(), fpga_mgr_register_full(), ERR_PTR(), fpga_mgr_register(), devm_fpga_mgr_unregister(), devm_fpga_mgr_register_full() and devm_fpga_mgr_register() functions in drivers/fpga/fpga-mgr.c, within the fpga_mgr_register() and fpga_mgr_register_full() functions in Documentation/driver-api/fpga/fpga-mgr.rst. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

190) Improper locking

EUVDB-ID: #VU93342

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-37078

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the nilfs_segctor_prepare_write() function in fs/nilfs2/segment.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

191) Race condition

EUVDB-ID: #VU93373

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-37354

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a race condition within the btrfs_log_prealloc_extents() function in fs/btrfs/tree-log.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

192) Use of uninitialized resource

EUVDB-ID: #VU93042

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38381

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the nci_core_ntf_packet() and nci_rx_work() functions in net/nfc/nci/core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

193) Memory leak

EUVDB-ID: #VU93018

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38388

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the wmfw_convert_flags(), hda_cs_dsp_add_kcontrol(), hda_cs_dsp_control_add() and hda_cs_dsp_control_remove() functions in sound/pci/hda/hda_cs_dsp_ctl.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

194) NULL pointer dereference

EUVDB-ID: #VU93031

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38390

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the a6xx_gpu_init() function in drivers/gpu/drm/msm/adreno/a6xx_gpu.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

195) Out-of-bounds read

EUVDB-ID: #VU92331

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38540

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the bnxt_qplib_create_qp() function in drivers/infiniband/hw/bnxt_re/qplib_fp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

196) Buffer overflow

EUVDB-ID: #VU92376

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38541

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the of_modalias() function in drivers/of/module.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

197) Buffer overflow

EUVDB-ID: #VU93344

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38544

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the rxe_comp_queue_pkt() function in drivers/infiniband/sw/rxe/rxe_comp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

198) Use-after-free

EUVDB-ID: #VU92306

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38545

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the alloc_cqc(), free_cqc() and hns_roce_cq_event() functions in drivers/infiniband/hw/hns/hns_roce_cq.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

199) NULL pointer dereference

EUVDB-ID: #VU92351

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38546

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the vc4_hdmi_audio_init() function in drivers/gpu/drm/vc4/vc4_hdmi.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

200) NULL pointer dereference

EUVDB-ID: #VU92350

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38547

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the load_video_binaries() function in drivers/staging/media/atomisp/pci/sh_css.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

201) NULL pointer dereference

EUVDB-ID: #VU92349

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38548

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the cdns_mhdp_atomic_enable() function in drivers/gpu/drm/bridge/cadence/cdns-mhdp8546-core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

202) Resource management error

EUVDB-ID: #VU93390

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38549

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the mtk_drm_gem_init() function in drivers/gpu/drm/mediatek/mtk_drm_gem.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

203) NULL pointer dereference

EUVDB-ID: #VU92348

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38550

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the kirkwood_dma_hw_params() function in sound/soc/kirkwood/kirkwood-dma.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

204) Out-of-bounds read

EUVDB-ID: #VU92330

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38552

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the cm_helper_translate_curve_to_hw_format() function in drivers/gpu/drm/amd/display/dc/dcn10/dcn10_cm_common.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

205) Improper locking

EUVDB-ID: #VU92369

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38553

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the fec_set_mac_address() function in drivers/net/ethernet/freescale/fec_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

206) Use-after-free

EUVDB-ID: #VU92307

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38555

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the cmd_comp_notifier() function in drivers/net/ethernet/mellanox/mlx5/core/cmd.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

207) Out-of-bounds read

EUVDB-ID: #VU92329

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38556

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the cmd_work_handler(), wait_func() and mlx5_cmd_invoke() functions in drivers/net/ethernet/mellanox/mlx5/core/cmd.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

208) Improper locking

EUVDB-ID: #VU92368

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38557

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the enable_mpesw() and mlx5_lag_add_devices() functions in drivers/net/ethernet/mellanox/mlx5/core/lag/mpesw.c, within the mlx5_disable_lag() and mlx5_do_bond() functions in drivers/net/ethernet/mellanox/mlx5/core/lag/lag.c, within the esw_offloads_cleanup(), mlx5_esw_offloads_rep_load(), esw_destroy_offloads_acl_tables() and mlx5_eswitch_reload_reps() functions in drivers/net/ethernet/mellanox/mlx5/core/eswitch_offloads.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

209) Out-of-bounds read

EUVDB-ID: #VU92328

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38559

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the qedf_dbg_debug_cmd_write() function in drivers/scsi/qedf/qedf_debugfs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

210) Out-of-bounds read

EUVDB-ID: #VU92327

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38560

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the bfad_debugfs_write_regrd() and bfad_debugfs_write_regwr() functions in drivers/scsi/bfa/bfad_debugfs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

211) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU93849

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38564

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local user to bypass certain security restrictions.

The vulnerability exists due to improper checks within with bpf_prog_attach_check_attach_type() function in kernel/bpf/syscall.c. A local user can bypass certain security restrictions.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

212) Resource management error

EUVDB-ID: #VU93836

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38565

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the ar5523_probe() function in drivers/net/wireless/ath/ar5523/ar5523.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

213) Input validation error

EUVDB-ID: #VU92370

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38567

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the carl9170_usb_probe() function in drivers/net/wireless/ath/carl9170/usb.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

214) Out-of-bounds read

EUVDB-ID: #VU92325

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38568

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the hns3_pmu_validate_event_group() function in drivers/perf/hisilicon/hns3_pmu.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

215) NULL pointer dereference

EUVDB-ID: #VU92346

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38571

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the compute_intercept_slope() function in drivers/thermal/qcom/tsens.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

216) NULL pointer dereference

EUVDB-ID: #VU92345

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38573

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the cppc_cpufreq_get_rate() and hisi_cppc_cpufreq_get_rate() functions in drivers/cpufreq/cppc_cpufreq.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

217) Out-of-bounds read

EUVDB-ID: #VU92322

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38578

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the write_tag_66_packet() function in fs/ecryptfs/keystore.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

218) Buffer overflow

EUVDB-ID: #VU92953

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38579

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the spu2_dump_omd() function in drivers/crypto/bcm/spu2.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

219) Improper locking

EUVDB-ID: #VU92367

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38580

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the __ep_eventpoll_poll() function in fs/eventpoll.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

220) Use-after-free

EUVDB-ID: #VU92310

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38581

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the amdgpu_mes_remove_ring() function in drivers/gpu/drm/amd/amdgpu/amdgpu_mes.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

221) Improper locking

EUVDB-ID: #VU92366

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38582

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the nilfs_segctor_sync(), nilfs_segctor_wakeup(), nilfs_segctor_notify() and nilfs_segctor_destroy() functions in fs/nilfs2/segment.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

222) Use-after-free

EUVDB-ID: #VU92311

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38583

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the nilfs_segctor_start_timer(), nilfs_construct_dsync_segment(), nilfs_segctor_notify(), nilfs_segctor_thread(), nilfs_segctor_new() and nilfs_segctor_destroy() functions in fs/nilfs2/segment.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

223) Out-of-bounds read

EUVDB-ID: #VU92321

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38587

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the get_word() function in drivers/staging/speakup/main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

224) Resource management error

EUVDB-ID: #VU93087

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38590

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the get_cqe_status() function in drivers/infiniband/hw/hns/hns_roce_hw_v2.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

225) Improper locking

EUVDB-ID: #VU92364

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38591

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the alloc_srqc() and free_srqc() functions in drivers/infiniband/hw/hns/hns_roce_srq.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

226) Improper locking

EUVDB-ID: #VU92363

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38594

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the tc_taprio_configure() function in drivers/net/ethernet/stmicro/stmmac/stmmac_tc.c, within the stmmac_adjust_time() function in drivers/net/ethernet/stmicro/stmmac/stmmac_ptp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

227) Improper locking

EUVDB-ID: #VU92361

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38597

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the gem_interrupt() and gem_init_one() functions in drivers/net/ethernet/sun/sungem.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

228) Out-of-bounds read

EUVDB-ID: #VU92319

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38599

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the do_jffs2_setxattr() function in fs/jffs2/xattr.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

229) Improper locking

EUVDB-ID: #VU92360

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38600

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the snd_card_disconnect() function in sound/core/init.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

230) Infinite loop

EUVDB-ID: #VU93063

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38601

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop within the rb_check_list() and ring_buffer_resize() functions in kernel/trace/ring_buffer.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

231) Memory leak

EUVDB-ID: #VU92297

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38603

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the hns3_pmu_irq_register() function in drivers/perf/hisilicon/hns3_pmu.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

232) NULL pointer dereference

EUVDB-ID: #VU93048

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38605

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the snd_card_new() function in sound/core/init.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

233) NULL pointer dereference

EUVDB-ID: #VU92341

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38608

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the mlx5e_resume(), _mlx5e_suspend(), mlx5e_suspend(), _mlx5e_probe() and _mlx5e_remove() functions in drivers/net/ethernet/mellanox/mlx5/core/en_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

234) Buffer overflow

EUVDB-ID: #VU93620

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38616

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the carl9170_tx_release() function in drivers/net/wireless/ath/carl9170/tx.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

235) Input validation error

EUVDB-ID: #VU92371

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38618

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the snd_timer_start1() function in sound/core/timer.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

236) Use of uninitialized resource

EUVDB-ID: #VU93082

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38619

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the short_pack() and alauda_check_media() functions in drivers/usb/storage/alauda.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

237) Out-of-bounds read

EUVDB-ID: #VU93025

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38621

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the stk1160_buffer_done() and stk1160_copy_video() functions in drivers/media/usb/stk1160/stk1160-video.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

238) Double free

EUVDB-ID: #VU93040

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38627

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the stm_register_device() function in drivers/hwtracing/stm/core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

239) Use-after-free

EUVDB-ID: #VU93021

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38630

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the cpu5wdt_exit() function in drivers/watchdog/cpu5wdt.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

240) NULL pointer dereference

EUVDB-ID: #VU93032

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38633

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the max3100_probe() and max3100_remove() functions in drivers/tty/serial/max3100.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

241) Improper locking

EUVDB-ID: #VU93038

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38634

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the max3100_sr() and max3100_handlerx() functions in drivers/tty/serial/max3100.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

242) Out-of-bounds read

EUVDB-ID: #VU93027

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38635

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the sdw_cdns_alloc_pdi() function in drivers/soundwire/cadence_master.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

243) Out-of-bounds read

EUVDB-ID: #VU93080

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38659

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the enic_set_vf_port() function in drivers/net/ethernet/cisco/enic/enic_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

244) Improper locking

EUVDB-ID: #VU93333

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38661

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the hex2bitmap() function in drivers/s390/crypto/ap_bus.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

245) Improper locking

EUVDB-ID: #VU93034

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38780

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the sync_print_obj() function in drivers/dma-buf/sync_debug.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

246) Use of uninitialized resource

EUVDB-ID: #VU93337

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-39301

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the p9_fcall_init() function in net/9p/client.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

247) Improper locking

EUVDB-ID: #VU93335

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-39468

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the smb2_find_smb_tcon() function in fs/smb/client/smb2transport.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

248) Improper error handling

EUVDB-ID: #VU93336

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-39469

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the nilfs_empty_dir() function in fs/nilfs2/dir.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

249) Out-of-bounds read

EUVDB-ID: #VU93326

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-39471

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the sdma_v4_0_process_trap_irq() function in drivers/gpu/drm/amd/amdgpu/sdma_v4_0.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package the Linux Kernel to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

SUSE Real Time Module: 15-SP5

SUSE Linux Enterprise Live Patching: 15-SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP5

SUSE Linux Enterprise Server 15: SP5

SUSE Linux Enterprise Real Time 15: SP5

SUSE Linux Enterprise High Performance Computing 15: SP5

openSUSE Leap: 15.5

kernel-rt_debug: before 5.14.21-150500.13.61.1

kernel-rt: before 5.14.21-150500.13.61.1

gfs2-kmp-rt: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-devel: before 5.14.21-150500.13.61.1

kernel-rt-extra: before 5.14.21-150500.13.61.1

kernel-rt-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debuginfo: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-livepatch-devel: before 5.14.21-150500.13.61.1

kernel-rt_debug-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-debugsource: before 5.14.21-150500.13.61.1

kernel-rt-vdso-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-vdso: before 5.14.21-150500.13.61.1

kernel-rt-extra-debuginfo: before 5.14.21-150500.13.61.1

gfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-livepatch: before 5.14.21-150500.13.61.1

kselftests-kmp-rt: before 5.14.21-150500.13.61.1

ocfs2-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel: before 5.14.21-150500.13.61.1

kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource: before 1-150500.11.3.1

kernel-rt_debug-vdso-debuginfo: before 5.14.21-150500.13.61.1

reiserfs-kmp-rt: before 5.14.21-150500.13.61.1

kernel-rt-optional: before 5.14.21-150500.13.61.1

kernel-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt-optional-debuginfo: before 5.14.21-150500.13.61.1

dlm-kmp-rt: before 5.14.21-150500.13.61.1

dlm-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-syms-rt: before 5.14.21-150500.13.61.1

kernel-rt_debug-vdso: before 5.14.21-150500.13.61.1

kernel-rt-devel-debuginfo: before 5.14.21-150500.13.61.1

kernel-rt_debug-devel-debuginfo: before 5.14.21-150500.13.61.1

cluster-md-kmp-rt: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo: before 1-150500.11.3.1

reiserfs-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kselftests-kmp-rt-debuginfo: before 5.14.21-150500.13.61.1

kernel-livepatch-5_14_21-150500_13_61-rt: before 1-150500.11.3.1

kernel-source-rt: before 5.14.21-150500.13.61.1

kernel-devel-rt: before 5.14.21-150500.13.61.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242394-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###